docs: Update change notes.

build: This will probably be the November release.
ssb: Try not very successfully to make the welcome line format less awkwardly.
2025-11-25 18:08:01 -05:00 · 2025-11-25 12:51:13 -05:00 · 2025-11-25 12:50:33 -05:00 · 2025-11-23 20:08:51 -05:00 · 2025-11-23 16:37:00 -05:00 · 2025-11-22 09:28:34 -05:00
114 changed files with 9018 additions and 6984 deletions
--- a/.gitmodules
+++ b/.gitmodules
@@ -19,10 +19,6 @@
 [submodule "deps/picohttpparser"]
 	path = deps/picohttpparser
 	url = https://github.com/h2o/picohttpparser.git
-[submodule "deps/openssl_src"]
-	path = deps/openssl_src
-	url = https://github.com/openssl/openssl.git
-	shallow = true
 [submodule "deps/c-ares"]
 	path = deps/c-ares
 	url = https://github.com/c-ares/c-ares.git
--- a/.prettierignore
+++ b/.prettierignore
@@ -3,6 +3,7 @@ src
 deps
 .clang-format
 flake.lock
+apps/trace/speedscope/**

 # Minified files
 **/*.min.css
--- a/1
+++ b/1
@@ -4,7 +4,6 @@ RUN apt-get update && \
 	apt-get install -y --no-install-recommends \
 		gcc \
 		libc6-dev \
-		perl \
 		make

 COPY . /app
--- a/358
+++ b/358
@@ -1,4 +1,4 @@
-# Doxyfile 1.9.8
+# Doxyfile 1.9.4

 # This file describes the settings to be used by the documentation system
 # doxygen (www.doxygen.org) for a project.
@@ -19,8 +19,7 @@
 # configuration file:
 # doxygen -x [configFile]
 # Use doxygen to compare the used configuration file with the template
-# configuration file without replacing the environment variables or CMake type
-# replacement variables:
+# configuration file without replacing the environment variables:
 # doxygen -x_noenv [configFile]

 #---------------------------------------------------------------------------
@@ -86,7 +85,7 @@ CREATE_SUBDIRS         = NO
 # level increment doubles the number of directories, resulting in 4096
 # directories at level 8 which is the default and also the maximum value. The
 # sub-directories are organized in 2 levels, the first level always has a fixed
-# number of 16 directories.
+# numer of 16 directories.
 # Minimum value: 0, maximum value: 8, default value: 8.
 # This tag requires that the tag CREATE_SUBDIRS is set to YES.

@@ -363,17 +362,6 @@ MARKDOWN_SUPPORT       = YES

 TOC_INCLUDE_HEADINGS   = 5

-# The MARKDOWN_ID_STYLE tag can be used to specify the algorithm used to
-# generate identifiers for the Markdown headings. Note: Every identifier is
-# unique.
-# Possible values are: DOXYGEN use a fixed 'autotoc_md' string followed by a
-# sequence number starting at 0 and GITHUB use the lower case version of title
-# with any whitespace replaced by '-' and punctuation characters removed.
-# The default value is: DOXYGEN.
-# This tag requires that the tag MARKDOWN_SUPPORT is set to YES.
-
-MARKDOWN_ID_STYLE      = DOXYGEN
-
 # When enabled doxygen tries to link words that correspond to documented
 # classes, or namespaces to their corresponding documentation. Such a link can
 # be prevented in individual cases by putting a % sign in front of the word or
@@ -498,14 +486,6 @@ LOOKUP_CACHE_SIZE      = 0

 NUM_PROC_THREADS       = 1

-# If the TIMESTAMP tag is set different from NO then each generated page will
-# contain the date or date and time when the page was generated. Setting this to
-# NO can help when comparing the output of multiple runs.
-# Possible values are: YES, NO, DATETIME and DATE.
-# The default value is: NO.
-
-TIMESTAMP              = NO
-
 #---------------------------------------------------------------------------
 # Build related configuration options
 #---------------------------------------------------------------------------
@@ -587,8 +567,7 @@ HIDE_UNDOC_MEMBERS     = NO
 # If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all
 # undocumented classes that are normally visible in the class hierarchy. If set
 # to NO, these classes will be included in the various overviews. This option
-# will also hide undocumented C++ concepts if enabled. This option has no effect
-# if EXTRACT_ALL is enabled.
+# has no effect if EXTRACT_ALL is enabled.
 # The default value is: NO.

 HIDE_UNDOC_CLASSES     = NO
@@ -626,8 +605,7 @@ INTERNAL_DOCS          = NO
 # Windows (including Cygwin) and MacOS, users should typically set this option
 # to NO, whereas on Linux or other Unix flavors it should typically be set to
 # YES.
-# Possible values are: SYSTEM, NO and YES.
-# The default value is: SYSTEM.
+# The default value is: system dependent.

 CASE_SENSE_NAMES       = YES

@@ -879,26 +857,11 @@ WARN_IF_INCOMPLETE_DOC = YES

 WARN_NO_PARAMDOC       = NO

-# If WARN_IF_UNDOC_ENUM_VAL option is set to YES, doxygen will warn about
-# undocumented enumeration values. If set to NO, doxygen will accept
-# undocumented enumeration values. If EXTRACT_ALL is set to YES then this flag
-# will automatically be disabled.
-# The default value is: NO.
-
-WARN_IF_UNDOC_ENUM_VAL = NO
-
 # If the WARN_AS_ERROR tag is set to YES then doxygen will immediately stop when
 # a warning is encountered. If the WARN_AS_ERROR tag is set to FAIL_ON_WARNINGS
 # then doxygen will continue running as if WARN_AS_ERROR tag is set to NO, but
 # at the end of the doxygen process doxygen will return with a non-zero status.
-# If the WARN_AS_ERROR tag is set to FAIL_ON_WARNINGS_PRINT then doxygen behaves
-# like FAIL_ON_WARNINGS but in case no WARN_LOGFILE is defined doxygen will not
-# write the warning messages in between other messages but write them at the end
-# of a run, in case a WARN_LOGFILE is defined the warning messages will be
-# besides being in the defined file also be shown at the end of a run, unless
-# the WARN_LOGFILE is defined as - i.e. standard output (stdout) in that case
-# the behavior will remain as with the setting FAIL_ON_WARNINGS.
-# Possible values are: NO, YES, FAIL_ON_WARNINGS and FAIL_ON_WARNINGS_PRINT.
+# Possible values are: NO, YES and FAIL_ON_WARNINGS.
 # The default value is: NO.

 WARN_AS_ERROR          = NO
@@ -947,7 +910,6 @@ INPUT                  = README.md \
                         core/app.js \
                         core/client.js \
                         core/core.js \
-                         core/http.js \
                         core/tfrpc.js \
                         docs/ \
                         src/
@@ -957,21 +919,10 @@ INPUT                  = README.md \
 # libiconv (or the iconv built into libc) for the transcoding. See the libiconv
 # documentation (see:
 # https://www.gnu.org/software/libiconv/) for the list of possible encodings.
-# See also: INPUT_FILE_ENCODING
 # The default value is: UTF-8.

 INPUT_ENCODING         = UTF-8

-# This tag can be used to specify the character encoding of the source files
-# that doxygen parses The INPUT_FILE_ENCODING tag can be used to specify
-# character encoding on a per file pattern basis. Doxygen will compare the file
-# name with each pattern and apply the encoding instead of the default
-# INPUT_ENCODING) if there is a match. The character encodings are a list of the
-# form: pattern=encoding (like *.php=ISO-8859-1). See cfg_input_encoding
-# "INPUT_ENCODING" for further information on supported encodings.
-
-INPUT_FILE_ENCODING    =
-
 # If the value of the INPUT tag contains directories, you can use the
 # FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and
 # *.h) to filter out the source-files in the directories.
@@ -983,12 +934,12 @@ INPUT_FILE_ENCODING    =
 # Note the list of default checked file patterns might differ from the list of
 # default file extension mappings.
 #
-# If left blank the following patterns are tested:*.c, *.cc, *.cxx, *.cxxm,
-# *.cpp, *.cppm, *.c++, *.c++m, *.java, *.ii, *.ixx, *.ipp, *.i++, *.inl, *.idl,
-# *.ddl, *.odl, *.h, *.hh, *.hxx, *.hpp, *.h++, *.ixx, *.l, *.cs, *.d, *.php,
-# *.php4, *.php5, *.phtml, *.inc, *.m, *.markdown, *.md, *.mm, *.dox (to be
-# provided as doxygen C comment), *.py, *.pyw, *.f90, *.f95, *.f03, *.f08,
-# *.f18, *.f, *.for, *.vhd, *.vhdl, *.ucf, *.qsf and *.ice.
+# If left blank the following patterns are tested:*.c, *.cc, *.cxx, *.cpp,
+# *.c++, *.java, *.ii, *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h,
+# *.hh, *.hxx, *.hpp, *.h++, *.l, *.cs, *.d, *.php, *.php4, *.php5, *.phtml,
+# *.inc, *.m, *.markdown, *.md, *.mm, *.dox (to be provided as doxygen C
+# comment), *.py, *.pyw, *.f90, *.f95, *.f03, *.f08, *.f18, *.f, *.for, *.vhd,
+# *.vhdl, *.ucf, *.qsf and *.ice.

 FILE_PATTERNS          = *.h \
                         *.js \
@@ -1030,6 +981,9 @@ EXCLUDE_PATTERNS       =
 # output. The symbol name can be a fully qualified name, a word, or if the
 # wildcard * is used, a substring. Examples: ANamespace, AClass,
 # ANamespace::AClass, ANamespace::*Test
+#
+# Note that the wildcards are matched against the file with absolute path, so to
+# exclude all test directories use the pattern */test/*

 EXCLUDE_SYMBOLS        =

@@ -1074,11 +1028,6 @@ IMAGE_PATH             = docs/images/
 # code is scanned, but not when the output code is generated. If lines are added
 # or removed, the anchors will not be placed correctly.
 #
-# Note that doxygen will use the data processed and written to standard output
-# for further processing, therefore nothing else, like debug statements or used
-# commands (so in case of a Windows batch file always use @echo OFF), should be
-# written to standard output.
-#
 # Note that for custom extensions or not directly supported extensions you also
 # need to set EXTENSION_MAPPING for the extension otherwise the files are not
 # properly processed by doxygen.
@@ -1120,15 +1069,6 @@ FILTER_SOURCE_PATTERNS =

 USE_MDFILE_AS_MAINPAGE = README.md

-# The Fortran standard specifies that for fixed formatted Fortran code all
-# characters from position 72 are to be considered as comment. A common
-# extension is to allow longer lines before the automatic comment starts. The
-# setting FORTRAN_COMMENT_AFTER will also make it possible that longer lines can
-# be processed before the automatic comment starts.
-# Minimum value: 7, maximum value: 10000, default value: 72.
-
-FORTRAN_COMMENT_AFTER  = 72
-
 #---------------------------------------------------------------------------
 # Configuration options related to source browsing
 #---------------------------------------------------------------------------
@@ -1266,11 +1206,10 @@ CLANG_DATABASE_PATH    =

 ALPHABETICAL_INDEX     = YES

-# The IGNORE_PREFIX tag can be used to specify a prefix (or a list of prefixes)
-# that should be ignored while generating the index headers. The IGNORE_PREFIX
-# tag works for classes, function and member names. The entity will be placed in
-# the alphabetical list under the first letter of the entity name that remains
-# after removing the prefix.
+# In case all classes in a project start with a common prefix, all classes will
+# be put under the same header in the alphabetical index. The IGNORE_PREFIX tag
+# can be used to specify a prefix (or a list of prefixes) that should be ignored
+# while generating the index headers.
 # This tag requires that the tag ALPHABETICAL_INDEX is set to YES.

 IGNORE_PREFIX          =
@@ -1349,12 +1288,7 @@ HTML_STYLESHEET        =
 # Doxygen will copy the style sheet files to the output directory.
 # Note: The order of the extra style sheet files is of importance (e.g. the last
 # style sheet in the list overrules the setting of the previous ones in the
-# list).
-# Note: Since the styling of scrollbars can currently not be overruled in
-# Webkit/Chromium, the styling will be left out of the default doxygen.css if
-# one or more extra stylesheets have been specified. So if scrollbar
-# customization is desired it has to be added explicitly. For an example see the
-# documentation.
+# list). For an example see the documentation.
 # This tag requires that the tag GENERATE_HTML is set to YES.

 HTML_EXTRA_STYLESHEET  =
@@ -1369,19 +1303,6 @@ HTML_EXTRA_STYLESHEET  =

 HTML_EXTRA_FILES       =

-# The HTML_COLORSTYLE tag can be used to specify if the generated HTML output
-# should be rendered with a dark or light theme.
-# Possible values are: LIGHT always generate light mode output, DARK always
-# generate dark mode output, AUTO_LIGHT automatically set the mode according to
-# the user preference, use light mode if no preference is set (the default),
-# AUTO_DARK automatically set the mode according to the user preference, use
-# dark mode if no preference is set and TOGGLE allow to user to switch between
-# light and dark mode via a button.
-# The default value is: AUTO_LIGHT.
-# This tag requires that the tag GENERATE_HTML is set to YES.
-
-HTML_COLORSTYLE        = AUTO_LIGHT
-
 # The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen
 # will adjust the colors in the style sheet and background images according to
 # this color. Hue is specified as an angle on a color-wheel, see
@@ -1412,6 +1333,15 @@ HTML_COLORSTYLE_SAT    = 100

 HTML_COLORSTYLE_GAMMA  = 80

+# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML
+# page will contain the date and time when the page was generated. Setting this
+# to YES can help to show when doxygen was last run and thus if the
+# documentation is up to date.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#HTML_TIMESTAMP         = NO
+
 # If the HTML_DYNAMIC_MENUS tag is set to YES then the generated HTML
 # documentation will contain a main index with vertical navigation menus that
 # are dynamically created via JavaScript. If disabled, the navigation index will
@@ -1431,13 +1361,6 @@ HTML_DYNAMIC_MENUS     = YES

 HTML_DYNAMIC_SECTIONS  = NO

-# If the HTML_CODE_FOLDING tag is set to YES then classes and functions can be
-# dynamically folded and expanded in the generated HTML source code.
-# The default value is: YES.
-# This tag requires that the tag GENERATE_HTML is set to YES.
-
-HTML_CODE_FOLDING      = YES
-
 # With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries
 # shown in the various tree structured indices initially; the user can expand
 # and collapse entries dynamically later on. Doxygen will expand the tree to
@@ -1568,16 +1491,6 @@ BINARY_TOC             = NO

 TOC_EXPAND             = NO

-# The SITEMAP_URL tag is used to specify the full URL of the place where the
-# generated documentation will be placed on the server by the user during the
-# deployment of the documentation. The generated sitemap is called sitemap.xml
-# and placed on the directory specified by HTML_OUTPUT. In case no SITEMAP_URL
-# is specified no sitemap is generated. For information about the sitemap
-# protocol see https://www.sitemaps.org
-# This tag requires that the tag GENERATE_HTML is set to YES.
-
-SITEMAP_URL            =
-
 # If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and
 # QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that
 # can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help
@@ -1753,6 +1666,17 @@ HTML_FORMULA_FORMAT    = png

 FORMULA_FONTSIZE       = 10

+# Use the FORMULA_TRANSPARENT tag to determine whether or not the images
+# generated for formulas are transparent PNGs. Transparent PNGs are not
+# supported properly for IE 6.0, but are supported on all modern browsers.
+#
+# Note that when changing this option you need to delete any form_*.png files in
+# the HTML output directory before the changes have effect.
+# The default value is: YES.
+# This tag requires that the tag GENERATE_HTML is set to YES.
+
+#FORMULA_TRANSPARENT    = YES
+
 # The FORMULA_MACROFILE can contain LaTeX \newcommand and \renewcommand commands
 # to create new LaTeX commands to be used in formulas as building blocks. See
 # the section "Including formulas" for details.
@@ -1814,8 +1738,8 @@ MATHJAX_RELPATH        = https://cdn.jsdelivr.net/npm/mathjax@2

 # The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax
 # extension names that should be enabled during MathJax rendering. For example
-# for MathJax version 2 (see
-# https://docs.mathjax.org/en/v2.7-latest/tex.html#tex-and-latex-extensions):
+# for MathJax version 2 (see https://docs.mathjax.org/en/v2.7-latest/tex.html
+# #tex-and-latex-extensions):
 # MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols
 # For example for MathJax version 3 (see
 # http://docs.mathjax.org/en/latest/input/tex/extensions/index.html):
@@ -2066,16 +1990,9 @@ PDF_HYPERLINKS         = YES

 USE_PDFLATEX           = YES

-# The LATEX_BATCHMODE tag signals the behavior of LaTeX in case of an error.
-# Possible values are: NO same as ERROR_STOP, YES same as BATCH, BATCH In batch
-# mode nothing is printed on the terminal, errors are scrolled as if <return> is
-# hit at every error; missing files that TeX tries to input or request from
-# keyboard input (\read on a not open input stream) cause the job to abort,
-# NON_STOP In nonstop mode the diagnostic message will appear on the terminal,
-# but there is no possibility of user interaction just like in batch mode,
-# SCROLL In scroll mode, TeX will stop only for missing files to input or if
-# keyboard input is necessary and ERROR_STOP In errorstop mode, TeX will stop at
-# each error, asking for user intervention.
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \batchmode
+# command to the generated LaTeX files. This will instruct LaTeX to keep running
+# if errors occur, instead of asking the user for help.
 # The default value is: NO.
 # This tag requires that the tag GENERATE_LATEX is set to YES.

@@ -2096,6 +2013,14 @@ LATEX_HIDE_INDICES     = NO

 LATEX_BIB_STYLE        = plain

+# If the LATEX_TIMESTAMP tag is set to YES then the footer of each generated
+# page will contain the date and time when the page was generated. Setting this
+# to NO can help when comparing the output of multiple runs.
+# The default value is: NO.
+# This tag requires that the tag GENERATE_LATEX is set to YES.
+
+#LATEX_TIMESTAMP        = NO
+
 # The LATEX_EMOJI_DIRECTORY tag is used to specify the (relative or absolute)
 # path from which the emoji images will be read. If a relative path is entered,
 # it will be relative to the LATEX_OUTPUT directory. If left blank the
@@ -2261,39 +2186,13 @@ DOCBOOK_OUTPUT         = docbook
 #---------------------------------------------------------------------------

 # If the GENERATE_AUTOGEN_DEF tag is set to YES, doxygen will generate an
-# AutoGen Definitions (see https://autogen.sourceforge.net/) file that captures
+# AutoGen Definitions (see http://autogen.sourceforge.net/) file that captures
 # the structure of the code including all documentation. Note that this feature
 # is still experimental and incomplete at the moment.
 # The default value is: NO.

 GENERATE_AUTOGEN_DEF   = NO

-#---------------------------------------------------------------------------
-# Configuration options related to Sqlite3 output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_SQLITE3 tag is set to YES doxygen will generate a Sqlite3
-# database with symbols found by doxygen stored in tables.
-# The default value is: NO.
-
-#GENERATE_SQLITE3       = NO
-
-# The SQLITE3_OUTPUT tag is used to specify where the Sqlite3 database will be
-# put. If a relative path is entered the value of OUTPUT_DIRECTORY will be put
-# in front of it.
-# The default directory is: sqlite3.
-# This tag requires that the tag GENERATE_SQLITE3 is set to YES.
-
-#SQLITE3_OUTPUT         = sqlite3
-
-# The SQLITE3_OVERWRITE_DB tag is set to YES, the existing doxygen_sqlite3.db
-# database file will be recreated with each doxygen run. If set to NO, doxygen
-# will warn if an a database file is already found and not modify it.
-# The default value is: YES.
-# This tag requires that the tag GENERATE_SQLITE3 is set to YES.
-
-#SQLITE3_RECREATE_DB    = YES
-
 #---------------------------------------------------------------------------
 # Configuration options related to the Perl module output
 #---------------------------------------------------------------------------
@@ -2436,15 +2335,15 @@ TAGFILES               =

 GENERATE_TAGFILE       =

-# If the ALLEXTERNALS tag is set to YES, all external classes and namespaces
-# will be listed in the class and namespace index. If set to NO, only the
-# inherited external classes will be listed.
+# If the ALLEXTERNALS tag is set to YES, all external class will be listed in
+# the class index. If set to NO, only the inherited external classes will be
+# listed.
 # The default value is: NO.

 ALLEXTERNALS           = NO

 # If the EXTERNAL_GROUPS tag is set to YES, all external groups will be listed
-# in the topic index. If set to NO, only the current project's groups will be
+# in the modules index. If set to NO, only the current project's groups will be
 # listed.
 # The default value is: YES.

@@ -2458,9 +2357,16 @@ EXTERNAL_GROUPS        = YES
 EXTERNAL_PAGES         = YES

 #---------------------------------------------------------------------------
-# Configuration options related to diagram generator tools
+# Configuration options related to the dot tool
 #---------------------------------------------------------------------------

+# You can include diagrams made with dia in doxygen documentation. Doxygen will
+# then run dia to produce the diagram and insert it in the documentation. The
+# DIA_PATH tag allows you to specify the directory where the dia binary resides.
+# If left empty dia is assumed to be found in the default search path.
+
+DIA_PATH               =
+
 # If set to YES the inheritance and collaboration graphs will hide inheritance
 # and usage relations if the target is undocumented or is not a class.
 # The default value is: YES.
@@ -2469,10 +2375,10 @@ HIDE_UNDOC_RELATIONS   = YES

 # If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
 # available from the path. This tool is part of Graphviz (see:
-# https://www.graphviz.org/), a graph visualization toolkit from AT&T and Lucent
+# http://www.graphviz.org/), a graph visualization toolkit from AT&T and Lucent
 # Bell Labs. The other options in this section have no effect if this option is
 # set to NO
-# The default value is: YES.
+# The default value is: NO.

 HAVE_DOT               = YES

@@ -2486,51 +2392,37 @@ HAVE_DOT               = YES

 DOT_NUM_THREADS        = 0

-# DOT_COMMON_ATTR is common attributes for nodes, edges and labels of
-# subgraphs. When you want a differently looking font in the dot files that
-# doxygen generates you can specify fontname, fontcolor and fontsize attributes.
-# For details please see <a href=https://graphviz.org/doc/info/attrs.html>Node,
-# Edge and Graph Attributes specification</a> You need to make sure dot is able
-# to find the font, which can be done by putting it in a standard location or by
-# setting the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the
-# directory containing the font. Default graphviz fontsize is 14.
-# The default value is: fontname=Helvetica,fontsize=10.
+# When you want a differently looking font in the dot files that doxygen
+# generates you can specify the font name using DOT_FONTNAME. You need to make
+# sure dot is able to find the font, which can be done by putting it in a
+# standard location or by setting the DOTFONTPATH environment variable or by
+# setting DOT_FONTPATH to the directory containing the font.
+# The default value is: Helvetica.
 # This tag requires that the tag HAVE_DOT is set to YES.

-DOT_COMMON_ATTR        = "fontname=Helvetica,fontsize=10"
+#DOT_FONTNAME           = Helvetica

-# DOT_EDGE_ATTR is concatenated with DOT_COMMON_ATTR. For elegant style you can
-# add 'arrowhead=open, arrowtail=open, arrowsize=0.5'. <a
-# href=https://graphviz.org/doc/info/arrows.html>Complete documentation about
-# arrows shapes.</a>
-# The default value is: labelfontname=Helvetica,labelfontsize=10.
+# The DOT_FONTSIZE tag can be used to set the size (in points) of the font of
+# dot graphs.
+# Minimum value: 4, maximum value: 24, default value: 10.
 # This tag requires that the tag HAVE_DOT is set to YES.

-DOT_EDGE_ATTR          = "labelfontname=Helvetica,labelfontsize=10"
+#DOT_FONTSIZE           = 10

-# DOT_NODE_ATTR is concatenated with DOT_COMMON_ATTR. For view without boxes
-# around nodes set 'shape=plain' or 'shape=plaintext' <a
-# href=https://www.graphviz.org/doc/info/shapes.html>Shapes specification</a>
-# The default value is: shape=box,height=0.2,width=0.4.
+# By default doxygen will tell dot to use the default font as specified with
+# DOT_FONTNAME. If you specify a different font using DOT_FONTNAME you can set
+# the path where dot can find it using this tag.
 # This tag requires that the tag HAVE_DOT is set to YES.

-DOT_NODE_ATTR          = "shape=box,height=0.2,width=0.4"
+#DOT_FONTPATH           =

-# You can set the path where dot can find font specified with fontname in
-# DOT_COMMON_ATTR and others dot attributes.
-# This tag requires that the tag HAVE_DOT is set to YES.
-
-DOT_FONTPATH           =
-
-# If the CLASS_GRAPH tag is set to YES or GRAPH or BUILTIN then doxygen will
-# generate a graph for each documented class showing the direct and indirect
-# inheritance relations. In case the CLASS_GRAPH tag is set to YES or GRAPH and
-# HAVE_DOT is enabled as well, then dot will be used to draw the graph. In case
-# the CLASS_GRAPH tag is set to YES and HAVE_DOT is disabled or if the
-# CLASS_GRAPH tag is set to BUILTIN, then the built-in generator will be used.
-# If the CLASS_GRAPH tag is set to TEXT the direct and indirect inheritance
-# relations will be shown as texts / links.
-# Possible values are: NO, YES, TEXT, GRAPH and BUILTIN.
+# If the CLASS_GRAPH tag is set to YES (or GRAPH) then doxygen will generate a
+# graph for each documented class showing the direct and indirect inheritance
+# relations. In case HAVE_DOT is set as well dot will be used to draw the graph,
+# otherwise the built-in generator will be used. If the CLASS_GRAPH tag is set
+# to TEXT the direct and indirect inheritance relations will be shown as texts /
+# links.
+# Possible values are: NO, YES, TEXT and GRAPH.
 # The default value is: YES.

 CLASS_GRAPH            = YES
@@ -2538,21 +2430,15 @@ CLASS_GRAPH            = YES
 # If the COLLABORATION_GRAPH tag is set to YES then doxygen will generate a
 # graph for each documented class showing the direct and indirect implementation
 # dependencies (inheritance, containment, and class references variables) of the
-# class with other documented classes. Explicit enabling a collaboration graph,
-# when COLLABORATION_GRAPH is set to NO, can be accomplished by means of the
-# command \collaborationgraph. Disabling a collaboration graph can be
-# accomplished by means of the command \hidecollaborationgraph.
+# class with other documented classes.
 # The default value is: YES.
 # This tag requires that the tag HAVE_DOT is set to YES.

 COLLABORATION_GRAPH    = YES

 # If the GROUP_GRAPHS tag is set to YES then doxygen will generate a graph for
-# groups, showing the direct groups dependencies. Explicit enabling a group
-# dependency graph, when GROUP_GRAPHS is set to NO, can be accomplished by means
-# of the command \groupgraph. Disabling a directory graph can be accomplished by
-# means of the command \hidegroupgraph. See also the chapter Grouping in the
-# manual.
+# groups, showing the direct groups dependencies. See also the chapter Grouping
+# in the manual.
 # The default value is: YES.
 # This tag requires that the tag HAVE_DOT is set to YES.

@@ -2612,9 +2498,7 @@ TEMPLATE_RELATIONS     = NO
 # If the INCLUDE_GRAPH, ENABLE_PREPROCESSING and SEARCH_INCLUDES tags are set to
 # YES then doxygen will generate a graph for each documented file showing the
 # direct and indirect include dependencies of the file with other documented
-# files. Explicit enabling an include graph, when INCLUDE_GRAPH is is set to NO,
-# can be accomplished by means of the command \includegraph. Disabling an
-# include graph can be accomplished by means of the command \hideincludegraph.
+# files.
 # The default value is: YES.
 # This tag requires that the tag HAVE_DOT is set to YES.

@@ -2623,10 +2507,7 @@ INCLUDE_GRAPH          = YES
 # If the INCLUDED_BY_GRAPH, ENABLE_PREPROCESSING and SEARCH_INCLUDES tags are
 # set to YES then doxygen will generate a graph for each documented file showing
 # the direct and indirect include dependencies of the file with other documented
-# files. Explicit enabling an included by graph, when INCLUDED_BY_GRAPH is set
-# to NO, can be accomplished by means of the command \includedbygraph. Disabling
-# an included by graph can be accomplished by means of the command
-# \hideincludedbygraph.
+# files.
 # The default value is: YES.
 # This tag requires that the tag HAVE_DOT is set to YES.

@@ -2666,10 +2547,7 @@ GRAPHICAL_HIERARCHY    = YES
 # If the DIRECTORY_GRAPH tag is set to YES then doxygen will show the
 # dependencies a directory has on other directories in a graphical way. The
 # dependency relations are determined by the #include relations between the
-# files in the directories. Explicit enabling a directory graph, when
-# DIRECTORY_GRAPH is set to NO, can be accomplished by means of the command
-# \directorygraph. Disabling a directory graph can be accomplished by means of
-# the command \hidedirectorygraph.
+# files in the directories.
 # The default value is: YES.
 # This tag requires that the tag HAVE_DOT is set to YES.

@@ -2685,13 +2563,12 @@ DIR_GRAPH_MAX_DEPTH    = 1
 # The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
 # generated by dot. For an explanation of the image formats see the section
 # output formats in the documentation of the dot tool (Graphviz (see:
-# https://www.graphviz.org/)).
+# http://www.graphviz.org/)).
 # Note: If you choose svg you need to set HTML_FILE_EXTENSION to xhtml in order
 # to make the SVG files visible in IE 9+ (other browsers do not have this
 # requirement).
-# Possible values are: png, jpg, jpg:cairo, jpg:cairo:gd, jpg:gd, jpg:gd:gd,
-# gif, gif:cairo, gif:cairo:gd, gif:gd, gif:gd:gd, svg, png:gd, png:gd:gd,
-# png:cairo, png:cairo:gd, png:cairo:cairo, png:cairo:gdiplus, png:gdiplus and
+# Possible values are: png, jpg, gif, svg, png:gd, png:gd:gd, png:cairo,
+# png:cairo:gd, png:cairo:cairo, png:cairo:gdiplus, png:gdiplus and
 # png:gdiplus:gdiplus.
 # The default value is: png.
 # This tag requires that the tag HAVE_DOT is set to YES.
@@ -2723,12 +2600,11 @@ DOT_PATH               =

 DOTFILE_DIRS           =

-# You can include diagrams made with dia in doxygen documentation. Doxygen will
-# then run dia to produce the diagram and insert it in the documentation. The
-# DIA_PATH tag allows you to specify the directory where the dia binary resides.
-# If left empty dia is assumed to be found in the default search path.
+# The MSCFILE_DIRS tag can be used to specify one or more directories that
+# contain msc files that are included in the documentation (see the \mscfile
+# command).

-DIA_PATH               =
+MSCFILE_DIRS           =

 # The DIAFILE_DIRS tag can be used to specify one or more directories that
 # contain dia files that are included in the documentation (see the \diafile
@@ -2778,6 +2654,18 @@ DOT_GRAPH_MAX_NODES    = 50

 MAX_DOT_GRAPH_DEPTH    = 0

+# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
+# background. This is disabled by default, because dot on Windows does not seem
+# to support this out of the box.
+#
+# Warning: Depending on the platform used, enabling this option may lead to
+# badly anti-aliased labels on the edges of a graph (i.e. they become hard to
+# read).
+# The default value is: NO.
+# This tag requires that the tag HAVE_DOT is set to YES.
+
+#DOT_TRANSPARENT        = NO
+
 # Set the DOT_MULTI_TARGETS tag to YES to allow dot to generate multiple output
 # files in one run (i.e. multiple -o and -T options on the command line). This
 # makes dot run faster, but since only newer versions of dot (>1.8.10) support
@@ -2805,19 +2693,3 @@ GENERATE_LEGEND        = YES
 # The default value is: YES.

 DOT_CLEANUP            = YES
-
-# You can define message sequence charts within doxygen comments using the \msc
-# command. If the MSCGEN_TOOL tag is left empty (the default), then doxygen will
-# use a built-in version of mscgen tool to produce the charts. Alternatively,
-# the MSCGEN_TOOL tag can also specify the name an external tool. For instance,
-# specifying prog as the value, doxygen will call the tool as prog -T
-# <outfile_format> -o <outputfile> <inputfile>. The external tool should support
-# output file formats "png", "eps", "svg", and "ismap".
-
-MSCGEN_TOOL            =
-
-# The MSCFILE_DIRS tag can be used to specify one or more directories that
-# contain msc files that are included in the documentation (see the \mscfile
-# command).
-
-MSCFILE_DIRS           =
--- a/159
+++ b/159
@@ -16,15 +16,15 @@ MAKEFLAGS += --no-builtin-rules
 ## LD := Linker.
 ## ANDROID_SDK := Path to the Android SDK.

-VERSION_CODE := 42
-VERSION_CODE_IOS := 16
-VERSION_NUMBER := 0.2025.8
+VERSION_CODE := 48
+VERSION_CODE_IOS := 26
+VERSION_NUMBER := 0.2025.11
 VERSION_NAME := This program kills fascists.

-IPHONEOS_VERSION_MIN=14.0
+IPHONEOS_VERSION_MIN=14.5

-SQLITE_URL := https://www.sqlite.org/2025/sqlite-amalgamation-3500400.zip
-BUNDLETOOL_URL := https://github.com/google/bundletool/releases/download/1.17.0/bundletool-all-1.17.0.jar
+SQLITE_URL := https://www.sqlite.org/2025/sqlite-amalgamation-3510000.zip
+BUNDLETOOL_URL := https://github.com/google/bundletool/releases/download/1.18.2/bundletool-all-1.18.2.jar
 APPIMAGETOOL_URL := https://github.com/AppImage/AppImageKit/releases/download/continuous/appimagetool-x86_64.AppImage
 APPIMAGETOOL_MD5 := e989fadfc4d685fd3d6aeeb9b525d74d  out/appimagetool

@@ -38,7 +38,6 @@ BUNDLETOOL = out/bundletool.jar

 HAVE_WIN :=
 HAVE_CROSS_AARCH64 :=
-USE_SYSTEM_SSL :=

 export SOURCE_DATE_EPOCH=1
 export TZ=UTC
@@ -65,7 +64,6 @@ LDFLAGS += \
 	-lbsd \
 	-lnetwork \
 	-Wno-stringop-overflow
-USE_SYSTEM_SSL := 1
 HAVE_ANDROID = 0
 HAVE_LINUX_IOS = 0
 HAVE_LINUX_MACOS = 0
@@ -80,13 +78,12 @@ LDFLAGS += \
 HAVE_ANDROID :=
 HAVE_LINUX_IOS :=
 HAVE_LINUX_MACOS :=
-USE_SYSTEM_SSL := 1
 else
 $(error Unexpected host platform $(UNAME_S).)
 endif

 # Everything is set above.
-$(info Building Tilde Friends $(VERSION_NUMBER) android=$(if $(HAVE_ANDROID),1,0) win=$(if $(HAVE_WIN),1,0) cross_aarch64=$(if $(HAVE_CROSS_AARCH64),1,0) cross_ios=$(if $(HAVE_LINUX_IOS),1,0) cross_macos=$(if $(HAVE_LINUX_MACOS),1,0) system_ssl=$(if $(USE_SYSTEM_SSL),1,0))
+$(info Building Tilde Friends $(VERSION_NUMBER) android=$(if $(HAVE_ANDROID),1,0) win=$(if $(HAVE_WIN),1,0) cross_aarch64=$(if $(HAVE_CROSS_AARCH64),1,0) cross_ios=$(if $(HAVE_LINUX_IOS),1,0) cross_macos=$(if $(HAVE_LINUX_MACOS),1,0))

 CFLAGS += \
 	-std=gnu11 \
@@ -270,16 +267,12 @@ $(WINDOWS_TARGETS): AS = $(CC)
 $(WINDOWS_TARGETS): CFLAGS += \
 	-D_WIN32_WINNT=0x0A00 \
 	-DWINVER=0x0A00 \
-	-DNTDDI_VERSION=NTDDI_WIN10 \
-	-Iout/openssl/$(UNAME_S)/mingw64/usr/local/include
+	-DNTDDI_VERSION=NTDDI_WIN10
 $(WINDOWS_TARGETS): LDFLAGS += \
 	-static \
-	-lm \
-	-Lout/openssl/$(UNAME_S)/mingw64/usr/local/lib
+	-lm
 $(AARCH64_TARGETS): CC = aarch64-linux-gnu-gcc
 $(AARCH64_TARGETS): AS = $(CC)
-$(AARCH64_TARGETS): CFLAGS += -Iout/openssl/Linux/aarch64/usr/local/include
-$(AARCH64_TARGETS): LDFLAGS += -Lout/openssl/Linux/aarch64/usr/local/lib
 ifeq ($(UNAME_S),Darwin)
 $(HOST_TARGETS): CC = xcrun clang
 $(IOS_TARGETS): IOS_SYSROOT := $(shell xcrun --sdk iphoneos --show-sdk-path)
@@ -304,39 +297,12 @@ $(ANDROID_TARGETS): AS = $(CC)
 $(ANDROID_TARGETS): CFLAGS += \
 	-target $(ANDROID_NDK_TARGET_TRIPLE)$(ANDROID_MIN_SDK_VERSION) \
 	-Wno-unknown-warning-option
-$(ANDROID_ARMV7A_TARGETS): CFLAGS += -Iout/openssl/android/armeabi-v7a/usr/local/include
-$(ANDROID_ARMV7A_TARGETS): LDFLAGS += -Lout/openssl/android/armeabi-v7a/usr/local/lib
-$(ANDROID_ARM64_TARGETS): CFLAGS += -Iout/openssl/android/arm64-v8a/usr/local/include
-$(ANDROID_ARM64_TARGETS): LDFLAGS += -Lout/openssl/android/arm64-v8a/usr/local/lib
-$(ANDROID_X86_TARGETS): CFLAGS += -Iout/openssl/android/x86/usr/local/include
 $(ANDROID_X86_TARGETS): CFLAGS += -Wno-atomic-alignment
-$(ANDROID_X86_TARGETS): LDFLAGS += -Lout/openssl/android/x86/usr/local/lib
-$(ANDROID_X86_64_TARGETS): CFLAGS += -Iout/openssl/android/x86_64/usr/local/include
-$(ANDROID_X86_64_TARGETS): LDFLAGS += -Lout/openssl/android/x86_64/usr/local/lib
 $(NONMACOS_TARGETS): CFLAGS += -Wno-cast-function-type
 $(MACOS_TARGETS): LDFLAGS += -Wl,-dead_strip
 $(NONMACOS_TARGETS): LDFLAGS += -Wl,--gc-sections -Wl,--as-needed
 $(IOS_TARGETS): CFLAGS += -miphoneos-version-min=$(IPHONEOS_VERSION_MIN)
 $(IOS_TARGETS): LDFLAGS += -miphoneos-version-min=$(IPHONEOS_VERSION_MIN)
-ifeq ($(UNAME_S),Darwin)
-$(IOS_TARGETS): CFLAGS += -Iout/openssl/ios/ios64-xcrun/usr/local/include
-$(IOS_TARGETS): LDFLAGS += -Lout/openssl/ios/ios64-xcrun/usr/local/lib
-else
-$(IOS_TARGETS): CFLAGS += -Iout/openssl/$(UNAME_S)/ios64-cross/usr/local/include
-$(IOS_TARGETS): LDFLAGS += -Lout/openssl/$(UNAME_S)/ios64-cross/usr/local/lib
-$(filter $(BUILD_DIR)/macosdebug-x86_64/%,$(ALL_TARGETS)): CFLAGS += -Iout/openssl/$(UNAME_S)/macos-x86_64/usr/local/include
-$(filter $(BUILD_DIR)/macosdebug-arm/%,$(ALL_TARGETS)): CFLAGS += -Iout/openssl/$(UNAME_S)/macos-arm/usr/local/include
-$(filter $(BUILD_DIR)/macosdebug-x86_64/%,$(ALL_TARGETS)): LDFLAGS += -Lout/openssl/$(UNAME_S)/macos-x86_64/usr/local/lib
-$(filter $(BUILD_DIR)/macosdebug-arm/%,$(ALL_TARGETS)): LDFLAGS += -Lout/openssl/$(UNAME_S)/macos-arm/usr/local/lib
-$(filter $(BUILD_DIR)/macosrelease-x86_64/%,$(ALL_TARGETS)): CFLAGS += -Iout/openssl/$(UNAME_S)/macos-x86_64/usr/local/include
-$(filter $(BUILD_DIR)/macosrelease-arm/%,$(ALL_TARGETS)): CFLAGS += -Iout/openssl/$(UNAME_S)/macos-arm/usr/local/include
-$(filter $(BUILD_DIR)/macosrelease-x86_64/%,$(ALL_TARGETS)): LDFLAGS += -Lout/openssl/$(UNAME_S)/macos-x86_64/usr/local/lib
-$(filter $(BUILD_DIR)/macosrelease-arm/%,$(ALL_TARGETS)): LDFLAGS += -Lout/openssl/$(UNAME_S)/macos-arm/usr/local/lib
-endif
-$(IOSSIM_TARGETS): CFLAGS += -Iout/openssl/ios/iossimulator-xcrun/usr/local/include
-$(IOSSIM_TARGETS): LDFLAGS += -Lout/openssl/ios/iossimulator-xcrun/usr/local/lib
-$(HOST_TARGETS): CFLAGS += -Iout/openssl/$(UNAME_S)/$(UNAME_M)/usr/local/include
-$(HOST_TARGETS): LDFLAGS += -Lout/openssl/$(UNAME_S)/$(UNAME_M)/usr/local/lib

 ifeq ($(UNAME_M),x86_64)
 ifeq ($(UNAME_S),Linux)
@@ -824,9 +790,6 @@ $(MINIUNZIP_OBJS): CFLAGS += \
 LDFLAGS += \
 	-pthread \
 	-lm
-$(HOST_TARGETS) $(IOS_TARGETS) $(IOSSIM_TARGETS) $(AARCH64_TARGETS) $(filter-out $(HOST_TARGETS),$(MACOS_TARGETS)): LDFLAGS += \
-	-lssl \
-	-lcrypto
 ifneq ($(UNAME_S),Haiku)
 ifneq ($(UNAME_S),OpenBSD)
 $(HOST_TARGETS) $(IOS_TARGETS) $(IOSSIM_TARGETS): LDFLAGS += \
@@ -834,8 +797,6 @@ $(HOST_TARGETS) $(IOS_TARGETS) $(IOSSIM_TARGETS): LDFLAGS += \
 endif
 endif
 $(WINDOWS_TARGETS): LDFLAGS += \
-	-lssl \
-	-lcrypto \
 	-lcrypt32 \
 	-ldbghelp \
 	-liphlpapi \
@@ -848,15 +809,15 @@ $(WINDOWS_TARGETS): LDFLAGS += \
 $(ANDROID_TARGETS): LDFLAGS += \
 	-target $(ANDROID_NDK_TARGET_TRIPLE)$(ANDROID_MIN_SDK_VERSION) \
 	-ldl \
-	-llog \
-	-lssl \
-	-lcrypto
+	-llog
 $(MACOS_TARGETS) $(IOS_TARGETS) $(IOSSIM_TARGETS): CFLAGS += \
 	-Wno-unknown-warning-option
 $(IOS_TARGETS) $(IOSSIM_TARGETS): LDFLAGS += \
 	-framework Foundation \
 	-framework CoreFoundation \
+	-framework CoreSpotlight \
 	-framework UIKit \
+	-framework UniformTypeIdentifiers \
 	-framework WebKit

 ##
@@ -998,8 +959,7 @@ PACKAGE_DIRS := \
 	core \
 	deps/codemirror \
 	deps/prettier \
-	deps/lit \
-	deps/speedscope
+	deps/lit

 RAW_FILES := $(sort $(filter-out apps/blog% apps/issues% apps/welcome% apps/journal% %.map, $(shell find $(PACKAGE_DIRS) -type f -not -name '.*')))

@@ -1193,6 +1153,7 @@ out/tildefriends-%.ipa: out/tildefriends-ios%.app/tildefriends
 	@echo "[ipa] $@"
 	@rm -rf $@.tmp $@
 	@mkdir -p $@.tmp/Payload/tildefriends.app/
+	@cp src/ios/tildefriends512.png $@.tmp/iTunesArtwork
 	@cp -R $(dir $<)/* $@.tmp/Payload/tildefriends.app/
 	@cd $@.tmp/ && zip -u ../../$@ -q -9 -r ./
 	@rm -rf $@.tmp/
@@ -1220,98 +1181,11 @@ ios%go: out/tildefriends-ios%.app/tildefriends
 	ideviceinstaller -i $(realpath $(dir $<))

 iossimdebuggo: out/tildefriends-iossimdebug.app/tildefriends ## Build, install, and run an iOS debug build.
+	xcrun -sdk iphoneos codesign -f -s 'Apple Distribution' --entitlements src/ios/Entitlements.plist --generate-entitlement-der out/tildefriends-iossimdebug.app
 	xcrun simctl install booted out/tildefriends-iossimdebug.app/
-	xcrun simctl launch booted com.unprompted.tildefriends
+	xcrun simctl launch --console booted com.unprompted.tildefriends
 .PHONY: iossimdebuggo

-ANDROID_DEPS := out/openssl/android/arm64-v8a/usr/local/lib/libssl.a
-$(ANDROID_DEPS):
-	+@export ANDROID_NDK_ROOT=$(ANDROID_NDK)
-	+@export BUILD_PLATFORM=android
-	+@export TOOLCHAIN=$(ANDROID_NDK)/toolchains/llvm/prebuilt/linux-x86_64
-	+@PATH="$$TOOLCHAIN/x86_64-linux-android/bin:$$TOOLCHAIN/bin:$$PATH" BUILD_TARGET=x86_64 SSL_TARGET=android-x86_64 OPTIONS="-D__ANDROID_API__=$(ANDROID_MIN_SDK_VERSION) -Wno-macro-redefined" tools/ssl-local
-	+@PATH="$$TOOLCHAIN/i686-linux-android/bin:$$TOOLCHAIN/bin:$$PATH" BUILD_TARGET=x86 SSL_TARGET=android-x86 OPTIONS="-D__ANDROID_API__=$(ANDROID_MIN_SDK_VERSION) -Wno-macro-redefined" tools/ssl-local
-	+@PATH="$$TOOLCHAIN/arm-linux-androideabi/bin:$$TOOLCHAIN/bin:$$PATH" BUILD_TARGET=armeabi-v7a SSL_TARGET=android-arm OPTIONS="--target=armv7a-linux-androideabi -Wl,--fix-cortex-a8 -D__ANDROID_API__=$(ANDROID_MIN_SDK_VERSION) -Wno-macro-redefined" tools/ssl-local
-	+@PATH="$$TOOLCHAIN/aarch64-linux-android/bin:$$TOOLCHAIN/bin:$$PATH" BUILD_TARGET=arm64-v8a SSL_TARGET=android-arm64 OPTIONS="-D__ANDROID_API__=$(ANDROID_MIN_SDK_VERSION) -Wno-macro-redefined" tools/ssl-local
-$(filter $(BUILD_DIR)/android%,$(APP_OBJS)): | $(ANDROID_DEPS)
-
-ifeq ($(UNAME_S),Linux)
-ifneq ($(USE_SYSTEM_SSL),1)
-LOCAL_DEPS := out/openssl/$(UNAME_S)/$(UNAME_M)/usr/local/lib/libssl.a
-$(LOCAL_DEPS):
-	+@tools/ssl-local
-$(filter $(BUILD_DIR)/debug/%,$(APP_OBJS)) $(filter $(BUILD_DIR)/release/%,$(APP_OBJS)): | $(LOCAL_DEPS)
-endif
-
-ifeq ($(HAVE_CROSS_AARCH64),1)
-LOCAL_DEPS := out/openssl/$(UNAME_S)/aarch64/usr/local/lib/libssl.a
-$(LOCAL_DEPS):
-	+@OPTIONS="--cross-compile-prefix=aarch64-linux-gnu-" BUILD_TARGET=aarch64 SSL_TARGET=linux-aarch64 tools/ssl-local
-$(filter $(BUILD_DIR)/armdebug/%,$(APP_OBJS)) $(filter $(BUILD_DIR)/armrelease/%,$(APP_OBJS)): | $(LOCAL_DEPS)
-endif
-
-ifeq ($(HAVE_LINUX_IOS),1)
-LOCAL_DEPS := out/openssl/$(UNAME_S)/ios64-cross/usr/local/lib/libssl.a
-$(LOCAL_DEPS):
-	+@PATH=deps/ios_toolchain/target/bin:$$PATH \
-		BUILD_TARGET=ios64-cross \
-		SSL_TARGET=ios64-cross \
-		CROSS_COMPILE=../../deps/ios_toolchain/target/bin/arm-apple-darwin11- \
-		CROSS_TOP=../../deps/ios_toolchain/target \
-		CROSS_SDK=iPhoneOS18.2.sdk \
-		CC=clang \
-		OPTIONS=-miphoneos-version-min=$(IPHONEOS_VERSION_MIN) \
-		tools/ssl-local
-$(filter $(BUILD_DIR)/ios%,$(APP_OBJS)): | $(LOCAL_DEPS)
-endif
-
-ifeq ($(HAVE_LINUX_MACOS),1)
-LOCAL_DEPS := out/openssl/$(UNAME_S)/macos-arm/usr/local/lib/libssl.a
-$(LOCAL_DEPS):
-	+@PATH=../../deps/macos_toolchain/bin:$$PATH \
-		BUILD_TARGET=macos-arm \
-		SSL_TARGET=darwin64-arm64 \
-		CC=../../deps/macos_toolchain/bin/oa64-clang \
-		RANLIB=../../deps/macos_toolchain/bin/x86_64-apple-darwin24-ranlib \
-		AR=../../deps/macos_toolchain/bin/arm64-apple-darwin24-ar \
-		tools/ssl-local
-$(filter $(BUILD_DIR)/macosrelease-arm/% $(BUILD_DIR)/macosdebug-arm/%,$(APP_OBJS)): | $(LOCAL_DEPS)
-
-LOCAL_DEPS := out/openssl/$(UNAME_S)/macos-x86_64/usr/local/lib/libssl.a
-$(LOCAL_DEPS):
-	+@PATH=../../deps/macos_toolchain/bin:$$PATH \
-		BUILD_TARGET=macos-x86_64 \
-		SSL_TARGET=darwin64-x86_64 \
-		CC=../../deps/macos_toolchain/bin/o64-clang \
-		RANLIB=../../deps/macos_toolchain/bin/x86_64-apple-darwin24-ranlib \
-		AR=../../deps/macos_toolchain/bin/x86_64-apple-darwin24-ar \
-		tools/ssl-local
-$(filter $(BUILD_DIR)/macosrelease-x86_64/% $(BUILD_DIR)/macosdebug-x86_64/%,$(APP_OBJS)): | $(LOCAL_DEPS)
-endif
-endif
-
-ifeq ($(UNAME_S),Darwin)
-LOCAL_DEPS := out/openssl/$(UNAME_S)/$(UNAME_M)/usr/local/lib/libssl.a
-$(LOCAL_DEPS):
-	+@tools/ssl-local
-$(filter $(BUILD_DIR)/debug/%,$(APP_OBJS)) $(filter $(BUILD_DIR)/release/%,$(APP_OBJS)): | $(LOCAL_DEPS)
-endif
-
-ifeq ($(HAVE_WIN),1)
-WINDOWS_DEPS := out/openssl/$(UNAME_S)/mingw64/usr/local/lib/libssl.a
-$(WINDOWS_DEPS):
-	+@BUILD_TARGET=mingw64 SSL_TARGET=mingw64 OPTIONS="--cross-compile-prefix=x86_64-w64-mingw32-" tools/ssl-local
-$(filter $(BUILD_DIR)/win%,$(APP_OBJS)): | $(WINDOWS_DEPS)
-endif
-
-ifeq ($(UNAME_S),Darwin)
-IOS_DEPS := out/openssl/ios/ios64-xcrun/usr/local/lib/libssl.a
-$(IOS_DEPS):
-	+@BUILD_PLATFORM=ios BUILD_TARGET=ios64-xcrun SSL_TARGET=ios64-xcrun OPTIONS="-fPIC -Wno-macro-redefined -miphoneos-version-min=$(IPHONEOS_VERSION_MIN)" tools/ssl-local
-	+@BUILD_PLATFORM=ios BUILD_TARGET=iossimulator-xcrun SSL_TARGET=iossimulator-xcrun OPTIONS="-fPIC -Wno-macro-redefined" tools/ssl-local
-$(filter $(BUILD_DIR)/ios%,$(APP_OBJS)): | $(IOS_DEPS)
-endif
-
 out/macos%/tildefriends: out/macos%-arm/tildefriends out/macos%-x86_64/tildefriends
 	@echo [lipo] $@
 	@mkdir -p $(@D)
@@ -1385,7 +1259,6 @@ tarball: ## Build an all-inclusive source tarball (.tar.xz).
 		--exclude=deps/libsodium/test \
 		--exclude=deps/libuv/docs \
 		--exclude=deps/libuv/test \
-		--exclude=deps/speedscope/*.map \
 		--exclude=deps/sqlite/shell.c \
 		--exclude=deps/zlib/contrib/vstudio \
 		--exclude=deps/zlib/doc \
--- a/README.md
+++ b/README.md
@@ -38,8 +38,6 @@ dependencies in the right places.

 ### Requirements

-System OpenSSL libraries are assumed to be available on Haiku and OpenBSD.
-
 On MacOS, Xcode's command-line tools are expected to be available.

 ### Build Commands
--- a/apps/api.json
+++ b/apps/api.json
@@ -1,5 +1,5 @@
 {
 	"type": "tildefriends-app",
 	"emoji": "📜",
-	"previous": "&BEf0nraBdHk/+PWqx6tOSu5rheWVaxaL7orAOz3285M=.sha256"
+	"previous": "&sJqeyYjHys6Z8IqqtZ2ij2ZC1E2xieu/FU/u2hE+O1U=.sha256"
 }
--- a/apps/api/app.js
+++ b/apps/api/app.js
@@ -55,6 +55,9 @@ app.setDocument(`<head>
 </head>
 <body style="color:#fff">
 	${markdown(docs.docs.global)}
+	<!--
+	${Object.keys(docs.docs).filter(x => [...treeify('', globalThis)].indexOf(x) == -1).map(x => `<p>STALE: ${x}</p>`).join('')}
+	-->
 	${[...treeify('', globalThis)].map(x => document(x)).join('\n')}
 	<a id="Database"></a>
 	${markdown(docs.docs.database)}
--- a/apps/api/docs.js
+++ b/apps/api/docs.js
@@ -195,51 +195,6 @@ Call a function after some delay.
 * *Number* **timeout** Number of milliseconds to wait before calling the callback function.
 `;

-docs['parseHttpRequest()'] = `
-Parses an HTTP request.
-### Parameters
- * *Uint8Array* **request** The request data.  Maybe be partial or contain extra data.  The return value will
-    indicate when and where it is complete.
- * *Number* **last_length** The length of the data passed on a previous attempt for the same request, or 0 initially.
-### Returns
- * *Integer* **-2** if the request is incomplete.
- * *Integer* **-1** if the request could not be parsed.
- * *Object* An object with **bytes_parsed**, **minor_version**, **path**, and **headers** fields on successful parse.
-`;
-
-docs['parseHttpResponse()'] = `
-Parses an HTTP response.
-### Parameters
- * *Uint8Array* **response** The response data.  Maybe be partial or contain extra data.  The return value will
-    indicate when and where it is complete.
- * *Number* **last_length** The length of the data passed on a previous attempt for the same response, or 0 initially.
-### Returns
- * *Integer* **-2** if the response is incomplete.
- * *Integer* **-1** if the response could not be parsed.
- * *Object* An object with **bytes_parsed**, **minor_version**, **status**, **message**, and **headers** fields on successful parse.
-`;
-
-docs['sha1Digest()'] = `
-Calculates a SHA1 digest.
-
-Completes synchronously.
-### Parameters
- * *String* **value** The value for which to calculate the digest.
-### Returns
-*String* The SHA1 digest of UTF-8 encoded \`value\`.
-`;
-
-docs['maskBytes()'] = `
-Masks bytes for WebSocket communication.
-
-Completes synchronously.
-### Parameters
- * *Uint8Array* **bytes** The byte array of data to mask.
- * *Uint32* **mask** The mask to apply.
-### Returns
-*Uint32Array* The masked bytes.
-`;
-
 docs['exit()'] = `
 Exits the app.  But why would you want to do that?

--- a/apps/ssb.json
+++ b/apps/ssb.json
@@ -1,5 +1,5 @@
 {
 	"type": "tildefriends-app",
 	"emoji": "🦀",
-	"previous": "&Hd6CuhhnZIf13PdFJYZBUYLYZO84WdaKvWXLC29M7Ac=.sha256"
+	"previous": "&7dPNAI4sffljUTiwGr3XEUeB8sBD72CFkWMk/o0Z2pw=.sha256"
 }
--- a/apps/ssb/app.js
+++ b/apps/ssb/app.js
@@ -2,6 +2,7 @@ import * as tfrpc from '/tfrpc.js';

 let g_database;
 let g_hash;
+let g_sql_cache = {};

 tfrpc.register(async function localStorageGet(key) {
 	return app.localStorageGet(key);
@@ -51,11 +52,38 @@ tfrpc.register(async function connect(token) {
 tfrpc.register(async function closeConnection(id) {
 	await ssb.closeConnection(id);
 });
-tfrpc.register(async function query(sql, args) {
+tfrpc.register(async function query(sql, args, options) {
+	let start = new Date();
 	let result = [];
-	await ssb.sqlAsync(sql, args, function callback(row) {
-		result.push(row);
-	});
+	let key = options?.cacheable ? JSON.stringify([sql, args]) : undefined;
+	let entry = key ? g_sql_cache[key] : undefined;
+	const k_ideal_count = 64;
+	if (entry) {
+		result = entry.result;
+	} else {
+		await ssb.sqlAsync(sql, args, function callback(row) {
+			result.push(row);
+		});
+		if (key) {
+			g_sql_cache[key] = {
+				result: result,
+				time: new Date().valueOf(),
+			};
+			if (Object.keys(g_sql_cache).length > k_ideal_count * 2) {
+				let aged = Object.entries(g_sql_cache).map(([k, v]) => [v.time, k]);
+				aged.sort();
+				for (let i = 0; i < aged.length / 2; i++) {
+					delete g_sql_cache[aged[i][1]];
+				}
+			}
+		}
+	}
+	let end = new Date();
+	print(
+		(end - start) / 1000,
+		entry ? 'from cache' : 'from db',
+		sql.replaceAll(/\s+/g, ' ').trim()
+	);
 	return result;
 });
 tfrpc.register(async function appendMessage(id, message) {
@@ -76,6 +104,9 @@ tfrpc.register(function setHash(hash) {
 core.register('onMessage', async function (id) {
 	await tfrpc.rpc.notifyNewMessage(id);
 });
+core.register('onBlob', async function (id) {
+	await tfrpc.rpc.notifyNewBlob(id);
+});
 tfrpc.register(async function store_blob(blob) {
 	if (Array.isArray(blob)) {
 		blob = Uint8Array.from(blob);
--- a/apps/ssb/emojis.js
+++ b/apps/ssb/emojis.js
@@ -1,6 +1,6 @@
 import * as tfrpc from '/static/tfrpc.js';
 import {html, render} from './lit-all.min.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 let g_emojis;

@@ -140,6 +140,9 @@ export async function picker(callback, anchor, author, recent) {
 		<style>
 			${styles}
 		</style>
+		<style>
+			${generate_theme()}
+		</style>
 		<div
 			class="w3-modal"
 			style="display: block; box-sizing: border-box; z-index: 10"
--- a/apps/ssb/emojis.json
+++ b/apps/ssb/emojis.json
--- a/apps/ssb/script.js
+++ b/apps/ssb/script.js
@@ -12,12 +12,14 @@ import * as tf_tab_news from './tf-tab-news.js';
 import * as tf_tab_news_feed from './tf-tab-news-feed.js';
 import * as tf_tab_search from './tf-tab-search.js';
 import * as tf_tab_connections from './tf-tab-connections.js';
-import * as tf_tab_query from './tf-tab-query.js';
 import * as tf_tag from './tf-tag.js';
 import * as tf_styles from './tf-styles.js';

 window.addEventListener('load', function () {
 	let style = document.createElement('style');
 	style.innerText = tf_styles.styles;
+	Promise.resolve(tf_styles.generate_theme()).then(function (x) {
+		style.innerText += x;
+	});
 	document.body.appendChild(style);
 });
--- a/apps/ssb/tf-app.js
+++ b/apps/ssb/tf-app.js
@@ -1,6 +1,6 @@
 import {LitElement, html, css, guard, until} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfElement extends LitElement {
 	static get properties() {
@@ -65,6 +65,17 @@ class TfElement extends LitElement {
 		tfrpc.register(async function notifyNewMessage(id) {
 			await self.fetch_new_message(id);
 		});
+		tfrpc.register(async function notifyNewBlob(id) {
+			window.dispatchEvent(
+				new CustomEvent('blob-stored', {
+					bubbles: true,
+					composed: true,
+					detail: {
+						id: id,
+					},
+				})
+			);
+		});
 		tfrpc.register(function set(name, value) {
 			if (name === 'broadcasts') {
 				self.broadcasts = value;
@@ -195,8 +206,6 @@ class TfElement extends LitElement {
 			this.tab = 'search';
 		} else if (this.hash === '#connections') {
 			this.tab = 'connections';
-		} else if (this.hash.startsWith('#sql=')) {
-			this.tab = 'query';
 		} else {
 			this.tab = 'news';
 		}
@@ -394,14 +403,6 @@ class TfElement extends LitElement {
 		return [cache.latest, cache.messages];
 	}

-	async query_timed(sql, args) {
-		let start = new Date();
-		let result = await tfrpc.rpc.query(sql, args);
-		let end = new Date();
-		console.log((end - start) / 1000, sql.replaceAll(/\s+/g, ' ').trim());
-		return result;
-	}
-
 	async group_private_messages(messages) {
 		let groups = {};
 		let result = await this.decrypt(
@@ -443,7 +444,7 @@ class TfElement extends LitElement {
 		];
 		let channels = (
 			await Promise.all([
-				this.query_timed(
+				tfrpc.rpc.query(
 					`
 					SELECT channels.value AS channel, MAX(messages.rowid) AS rowid FROM messages
 					JOIN json_each(?1) AS channels ON messages.content ->> 'channel' = channels.value
@@ -456,7 +457,7 @@ class TfElement extends LitElement {
 				`,
 					k_args
 				),
-				this.query_timed(
+				tfrpc.rpc.query(
 					`
 					SELECT channels.value AS channel, MAX(messages.rowid) AS rowid FROM messages
 					JOIN messages_refs ON messages.id = messages_refs.message
@@ -470,7 +471,7 @@ class TfElement extends LitElement {
 				`,
 					k_args
 				),
-				this.query_timed(
+				tfrpc.rpc.query(
 					`
 					SELECT '' AS channel, MAX(messages.rowid) AS rowid FROM messages
 					JOIN json_each(?2) AS following ON messages.author = following.value
@@ -481,7 +482,7 @@ class TfElement extends LitElement {
 				`,
 					k_args
 				),
-				this.query_timed(
+				tfrpc.rpc.query(
 					`
 					SELECT '@' AS channel, MAX(messages.rowid) AS rowid FROM messages_fts(?3)
 					JOIN messages ON messages.rowid = messages_fts.rowid
@@ -492,7 +493,7 @@ class TfElement extends LitElement {
 				),
 			])
 		).flat();
-		let latest = {};
+		let latest = {'🔐': undefined};
 		for (let row of channels) {
 			if (!latest[row.channel]) {
 				latest[row.channel] = row.rowid;
@@ -505,14 +506,13 @@ class TfElement extends LitElement {
 		let self = this;
 		start_time = new Date();
 		latest_private.then(async function (latest) {
+			let grouped = await self.group_private_messages(latest[1]);
 			self.channels_latest = Object.assign({}, self.channels_latest, {
 				'🔐': latest[0],
 			});
-			console.log('private took', (new Date() - start_time) / 1000.0);
 			self.private_messages = latest[1];
-			self.grouped_private_messages = await self.group_private_messages(
-				latest[1]
-			);
+			self.grouped_private_messages = grouped;
+			console.log('private took', (new Date() - start_time) / 1000.0);
 		});
 	}

@@ -700,7 +700,8 @@ class TfElement extends LitElement {
 					@closeprivatechat=${this.close_private_chat}
 					.connections=${this.connections}
 					.private_messages=${this.private_messages}
-					.grouped_private_messages=${this.visible_private()}
+					.visible_private_messages=${this.visible_private()}
+					.grouped_private_messages=${this.grouped_private_messages}
 					.recent_reactions=${this.recent_reactions}
 					?is_administrator=${this.is_administrator}
 					?stay_connected=${this.stay_connected}
@@ -725,17 +726,6 @@ class TfElement extends LitElement {
 						: null}
 				></tf-tab-search>
 			`;
-		} else if (this.tab === 'query') {
-			return html`
-				<tf-tab-query
-					.following=${this.following}
-					whoami=${this.whoami}
-					.users=${this.users}
-					query=${this.hash?.startsWith('#sql=')
-						? decodeURIComponent(this.hash.substring(5))
-						: null}
-				></tf-tab-query>
-			`;
 		}
 	}

@@ -746,8 +736,6 @@ class TfElement extends LitElement {
 			await tfrpc.rpc.setHash('#');
 		} else if (tab === 'connections') {
 			await tfrpc.rpc.setHash('#connections');
-		} else if (tab === 'query') {
-			await tfrpc.rpc.setHash('#sql=');
 		}
 	}

@@ -767,6 +755,17 @@ class TfElement extends LitElement {
 		}
 	}

+	async pick_color() {
+		let input = document.createElement('input');
+		input.type = 'color';
+		input.value = (await tfrpc.rpc.localStorageGet('color')) ?? '#ff0000';
+		input.addEventListener('change', async function () {
+			await tfrpc.rpc.localStorageSet('color', input.value);
+			window.location.reload();
+		});
+		input.click();
+	}
+
 	render() {
 		let self = this;

@@ -781,7 +780,6 @@ class TfElement extends LitElement {
 			'📰': 'news',
 			'📡': 'connections',
 			'🔍': 'search',
-			'👩‍💻': 'query',
 		};

 		let tabs = html`
@@ -789,14 +787,13 @@ class TfElement extends LitElement {
 				class="w3-bar w3-theme-l1"
 				style="position: static; top: 0; z-index: 10"
 			>
-				${this.is_administrator && self.tab != 'news'
+				${this.is_administrator
 					? html`
 							<button
 								class=${'w3-bar-item w3-button w3-circle w3-ripple' +
 								(this.connections?.some((x) => x.flags.one_shot)
 									? ' w3-spin'
 									: '')}
-								style="width: 1.5em; height: 1.5em; padding: 8px"
 								@click=${this.refresh}
 							>
 								↻
@@ -825,6 +822,12 @@ class TfElement extends LitElement {
 						</button>
 					`
 				)}
+				<button
+					class="w3-bar-item w3-button w3-right"
+					@click=${this.pick_color}
+				>
+					🎨<span class="w3-hide-small">Color</span>
+				</button>
 			</div>
 		`;
 		let contents = this.guest
@@ -860,6 +863,9 @@ class TfElement extends LitElement {
 					`
 				: undefined;
 		return html`
+			<style>
+				${generate_theme()}
+			</style>
 			<div
 				style="width: 100vw; min-height: 100vh; height: 100vh; display: flex; flex-direction: column"
 				class="w3-theme-dark"
--- a/apps/ssb/tf-compose.js
+++ b/apps/ssb/tf-compose.js
@@ -1,7 +1,7 @@
 import {LitElement, html, unsafeHTML, live} from './lit-all.min.js';
 import * as tfutils from './tf-utils.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';
 import Tribute from './tribute.esm.js';

 class TfComposeElement extends LitElement {
@@ -603,6 +603,9 @@ class TfComposeElement extends LitElement {
 						🔐 Encrypt
 					</button>`;
 		let result = html`
+			<style>
+				${generate_theme()}
+			</style>
 			<style>
 				.w3-input:empty::before {
 					content: attr(placeholder);
@@ -625,7 +628,7 @@ class TfComposeElement extends LitElement {
 					<div class="w3-half">
 						<span
 							class="w3-input w3-theme-d1 w3-border"
-							style="resize: vertical; width: 100%; overflow: hidden; white-space: pre-wrap"
+							style="resize: vertical; width: 100%; white-space: pre-wrap"
 							placeholder="Write a post here."
 							id="edit"
 							@input=${this.input}
--- a/apps/ssb/tf-message.js
+++ b/apps/ssb/tf-message.js
@@ -4,12 +4,14 @@ import {
 	html,
 	repeat,
 	render,
+	unsafeCSS,
 	unsafeHTML,
+	until,
 } from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
 import * as tfutils from './tf-utils.js';
 import * as emojis from './emojis.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfMessageElement extends LitElement {
 	static get properties() {
@@ -24,6 +26,7 @@ class TfMessageElement extends LitElement {
 			channel: {type: String},
 			channel_unread: {type: Number},
 			recent_reactions: {type: Array},
+			depth: {type: Number},
 		};
 	}

@@ -40,16 +43,20 @@ class TfMessageElement extends LitElement {
 		this.expanded = {};
 		this.channel_unread = -1;
 		this.recent_reactions = [];
+		this.depth = 0;
 	}

 	connectedCallback() {
 		super.connectedCallback();
 		this._click_callback = this.document_click.bind(this);
+		this._blob_stored = this.blob_stored.bind(this);
 		document.body.addEventListener('mouseup', this._click_callback);
+		window.addEventListener('blob-stored', this._blob_stored);
 	}

 	disconnectedCallback() {
 		super.disconnectedCallback();
+		window.removeEventListener('blob-stored', this._blob_stored);
 		document.body.removeEventListener('mouseup', this._click_callback);
 	}

@@ -61,6 +68,16 @@ class TfMessageElement extends LitElement {
 		}
 	}

+	blob_stored(event) {
+		let search = `/${event.detail.id}/view`;
+		for (let img of this.shadowRoot.querySelectorAll('img')) {
+			if (img.src.indexOf(search) != -1) {
+				let src = img.src.split('?')[0];
+				img.src = `${src}?${new Date().valueOf()}`;
+			}
+		}
+	}
+
 	show_reply() {
 		let event = new CustomEvent('tf-draft', {
 			bubbles: true,
@@ -311,7 +328,9 @@ class TfMessageElement extends LitElement {
 	}

 	expanded_key() {
-		return this.message?.id || this.messages?.map((x) => x.id).join(':');
+		return (
+			this.message?.id || this.message?.messages?.map((x) => x.id).join(':')
+		);
 	}

 	set_expanded(expanded, tag) {
@@ -349,12 +368,13 @@ class TfMessageElement extends LitElement {
 					</button>
 				`;
 			} else {
-				return html` <div class="w3-container w3-margin-bottom">
-						${repeat(
-							this.message.child_messages || [],
-							(x) => x.id,
-							(x) =>
-								html`<tf-message
+				return html` <ul class="w3-container w3-margin-bottom w3-ul w3-card-4">
+					${repeat(
+						this.message.child_messages || [],
+						(x) => x.id,
+						(x) =>
+							html`<li style="padding: 0">
+								<tf-message
 									.message=${x}
 									whoami=${this.whoami}
 									.users=${this.users}
@@ -363,16 +383,20 @@ class TfMessageElement extends LitElement {
 									channel=${this.channel}
 									channel_unread=${this.channel_unread}
 									.recent_reactions=${this.recent_reactions}
-								></tf-message>`
-						)}
-					</div>
-					<button
-						class="w3-button w3-theme-d1 w3-block w3-bar"
-						style="box-sizing: border-box"
-						@click=${() => self.set_expanded(false)}
-					>
-						Collapse
-					</button>`;
+									depth=${this.depth + 1}
+								></tf-message>
+							</li>`
+					)}
+					<li style="padding: 0" class="w3-margin-bottom">
+						<button
+							class="w3-button w3-theme-d1 w3-block w3-bar"
+							style="box-sizing: border-box"
+							@click=${() => self.set_expanded(false)}
+						>
+							Collapse
+						</button>
+					</li>
+				</ul>`;
 			}
 		} else {
 			return undefined;
@@ -536,8 +560,11 @@ class TfMessageElement extends LitElement {
 				}
 			</style>
 			<div
-				class="w3-card-4 ${this.class_background()} w3-border-theme w3-margin-top"
-				style="overflow: auto; overflow-wrap: anywhere; display: block; max-width: 100%"
+				class="w3-card-4 ${this.class_background()} w3-border-theme ${this
+					.depth == 0
+					? 'w3-margin-top'
+					: ''}"
+				style="overflow-wrap: anywhere; display: block; max-width: 100%"
 			>
 				${inner}
 			</div>
@@ -563,6 +590,7 @@ class TfMessageElement extends LitElement {
 						channel=${self.channel}
 						channel_unread=${self.channel_unread}
 						.recent_reactions=${self.recent_reactions}
+						depth=${self.depth + 1}
 					></tf-message>
 				`
 			)}
@@ -598,15 +626,17 @@ class TfMessageElement extends LitElement {
 		let sorted = this.message.messages
 			.map((x) => [
 				x.author,
-				x.content.blocking !== undefined
-					? x.content.blocking
-						? 'is blocking'
-						: 'is no longer blocking'
-					: x.content.following !== undefined
-						? x.content.following
-							? 'is following'
-							: 'is no longer following'
-						: '',
+				x.content.following && x.content.blocking
+					? 'is following and blocking'
+					: x.content.following
+						? 'is following'
+						: x.content.blocking
+							? 'is blocking'
+							: x.content.blocking !== undefined
+								? 'is no longer blocking'
+								: x.content.following !== undefined
+									? 'is no longer following'
+									: '',
 				x.content.contact,
 				x,
 			])
@@ -631,6 +661,35 @@ class TfMessageElement extends LitElement {
 		return result;
 	}

+	channel_group_by_author() {
+		let sorted = this.message.messages
+			.map((x) => [
+				x.author,
+				x.content.subscribed ? 'subscribed to' : 'unsubscribed from',
+				x.content.channel,
+				x,
+			])
+			.sort();
+		let result = [];
+		let last;
+		let group;
+		for (let row of sorted) {
+			if (last && last[0] == row[0] && last[1] == row[1]) {
+				group.push(row[2]);
+			} else {
+				if (group) {
+					result.push({author: last[0], action: last[1], channels: group});
+				}
+				last = row;
+				group = [row[2]];
+			}
+		}
+		if (group) {
+			result.push({author: last[0], action: last[1], channels: group});
+		}
+		return result;
+	}
+
 	allow_unread() {
 		return (
 			this.channel == '@' ||
@@ -644,7 +703,7 @@ class TfMessageElement extends LitElement {
 			: undefined;
 	}

-	render() {
+	_render() {
 		let content = this.message?.content;
 		if (this.message?.decrypted?.type == 'post') {
 			content = this.message.decrypted;
@@ -665,6 +724,7 @@ class TfMessageElement extends LitElement {
 									.expanded=${this.expanded}
 									channel=${this.channel}
 									channel_unread=${this.channel_unread}
+									depth=${this.depth + 1}
 								></tf-message>`
 						)}
 					</div>
@@ -706,6 +766,56 @@ class TfMessageElement extends LitElement {
 					</button>
 				`);
 			}
+		} else if (this.message?.type === 'channel_group') {
+			if (this.expanded[this.expanded_key()]) {
+				return this.render_frame(html`
+					<div class="w3-padding">
+						${this.message.messages.map(
+							(x) =>
+								html`<tf-message
+									.message=${x}
+									whoami=${this.whoami}
+									.users=${this.users}
+									.drafts=${this.drafts}
+									.expanded=${this.expanded}
+									channel=${this.channel}
+									channel_unread=${this.channel_unread}
+									depth=${this.depth + 1}
+								></tf-message>`
+						)}
+					</div>
+					<button
+						class="w3-button w3-theme-d1 w3-block w3-bar"
+						style="box-sizing: border-box"
+						@click=${() => self.set_expanded(false)}
+					>
+						Collapse
+					</button>
+				`);
+			} else {
+				return this.render_frame(html`
+					<div class="w3-padding">
+						${this.channel_group_by_author().map(
+							(x) => html`
+								<div>
+									<tf-user id=${x.author} .users=${this.users}></tf-user>
+									${x.action}
+									${x.channels.map(
+										(y) => html` <tf-tag tag=${'#' + y}></tf-tag> `
+									)}
+								</div>
+							`
+						)}
+					</div>
+					<button
+						class="w3-button w3-theme-d1 w3-block w3-bar"
+						style="box-sizing: border-box"
+						@click=${() => self.set_expanded(true)}
+					>
+						Expand
+					</button>
+				`);
+			}
 		} else if (this.message.placeholder) {
 			return this.render_frame(
 				html`<div>
@@ -751,6 +861,7 @@ class TfMessageElement extends LitElement {
 								.expanded=${this.expanded}
 								channel=${this.channel}
 								channel_unread=${this.channel_unread}
+								depth=${this.depth + 1}
 							></tf-message>
 						`
 					)}
@@ -986,6 +1097,15 @@ class TfMessageElement extends LitElement {
 			return this.render_small_frame(this.render_raw());
 		}
 	}
+
+	render() {
+		return html`
+			<style>
+				${generate_theme()}
+			</style>
+			${this._render()}
+		`;
+	}
 }

 customElements.define('tf-message', TfMessageElement);
--- a/apps/ssb/tf-news.js
+++ b/apps/ssb/tf-news.js
@@ -1,6 +1,6 @@
 import {LitElement, html, unsafeHTML, repeat, until} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfNewsElement extends LitElement {
 	static get properties() {
@@ -160,11 +160,29 @@ class TfNewsElement extends LitElement {
 		return recursive_sort(roots, true);
 	}

-	group_following(messages) {
+	group_messages(messages) {
 		let result = [];
 		let group = [];
+		let type = undefined;
 		for (let message of messages) {
-			if (message?.content?.type === 'contact') {
+			if (
+				message?.content?.type === 'contact' ||
+				message?.content?.type === 'channel'
+			) {
+				if (type && message.content.type !== type) {
+					if (group.length == 1) {
+						result.push(group[0]);
+						group = [];
+					} else if (group.length > 1) {
+						result.push({
+							rowid: Math.max(...group.map((x) => x.rowid)),
+							type: `${type}_group`,
+							messages: group,
+						});
+						group = [];
+					}
+				}
+				type = message.content.type;
 				group.push(message);
 			} else {
 				if (group.length == 1) {
@@ -173,12 +191,13 @@ class TfNewsElement extends LitElement {
 				} else if (group.length > 1) {
 					result.push({
 						rowid: Math.max(...group.map((x) => x.rowid)),
-						type: 'contact_group',
+						type: `${type}_group`,
 						messages: group,
 					});
 					group = [];
 				}
 				result.push(message);
+				type = undefined;
 			}
 		}
 		if (group.length == 1) {
@@ -187,7 +206,7 @@ class TfNewsElement extends LitElement {
 		} else if (group.length > 1) {
 			result.push({
 				rowid: Math.max(...group.map((x) => x.rowid)),
-				type: 'contact_group',
+				type: `${type}_group`,
 				messages: group,
 			});
 		}
@@ -200,7 +219,7 @@ class TfNewsElement extends LitElement {

 	load_and_render(messages) {
 		let messages_by_id = this.process_messages(messages);
-		let final_messages = this.group_following(
+		let final_messages = this.group_messages(
 			this.finalize_messages(messages_by_id)
 		);
 		let unread_rowid = -1;
@@ -212,6 +231,9 @@ class TfNewsElement extends LitElement {
 			}
 		}
 		return html`
+			<style>
+				${generate_theme()}
+			</style>
 			<div>
 				${repeat(
 					final_messages,
--- a/apps/ssb/tf-profile.js
+++ b/apps/ssb/tf-profile.js
@@ -1,7 +1,7 @@
 import {LitElement, html, until, unsafeHTML} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
 import * as tfutils from './tf-utils.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfProfileElement extends LitElement {
 	static get properties() {
@@ -37,16 +37,22 @@ class TfProfileElement extends LitElement {
 			this.following = undefined;
 			this.blocking = undefined;

+			let latest = (
+				await tfrpc.rpc.query('SELECT MAX(rowid) AS latest FROM messages')
+			)[0].latest;
+
 			let result = await tfrpc.rpc.query(
 				`
 				SELECT json_extract(content, '$.following') AS following
 				FROM messages WHERE author = ? AND
 				json_extract(content, '$.type') = 'contact' AND
 				json_extract(content, '$.contact') = ? AND
-				following IS NOT NULL
+				following IS NOT NULL AND
+				messages.rowid <= ?
 				ORDER BY sequence DESC LIMIT 1
 			`,
-				[this.whoami, this.id]
+				[this.whoami, this.id, latest],
+				{cacheable: true}
 			);
 			this.following = result?.[0]?.following ?? false;
 			result = await tfrpc.rpc.query(
@@ -55,10 +61,12 @@ class TfProfileElement extends LitElement {
 				FROM messages WHERE author = ? AND
 				json_extract(content, '$.type') = 'contact' AND
 				json_extract(content, '$.contact') = ? AND
-				blocking IS NOT NULL
+				blocking IS NOT NULL AND
+				messages.rowid <= ?
 				ORDER BY sequence DESC LIMIT 1
 			`,
-				[this.whoami, this.id]
+				[this.whoami, this.id, latest],
+				{cacheable: true}
 			);
 			this.blocking = result?.[0]?.blocking ?? false;
 		}
@@ -238,7 +246,7 @@ class TfProfileElement extends LitElement {
 		let profile = this.users[this.id] || {};
 		tfrpc.rpc
 			.query(
-				`SELECT SUM(LENGTH(content)) AS size, MAX(sequence) AS sequence FROM messages WHERE author = ?`,
+				`SELECT size AS size, max_sequence AS sequence FROM messages_stats WHERE author = ?`,
 				[this.id]
 			)
 			.then(function (result) {
@@ -316,7 +324,9 @@ class TfProfileElement extends LitElement {
 		}
 		image = this.editing?.image ?? image;
 		let description = this.editing?.description ?? profile.description;
-		return html`<div class="w3-card-4 w3-container w3-theme-d3" style="box-sizing: border-box">
+		return html`
+			<style>${generate_theme()}</style>
+			<div class="w3-card-4 w3-container w3-theme-d3" style="box-sizing: border-box">
 			<header class="w3-container">
 				<p><tf-user id=${this.id} .users=${this.users}></tf-user> (${tfutils.human_readable_size(this.size)} in ${this.sequence} messages)</p>
 			</header>
--- a/apps/ssb/tf-reactions-modal.js
+++ b/apps/ssb/tf-reactions-modal.js
@@ -1,5 +1,5 @@
 import {LitElement, html, unsafeHTML} from './lit-all.min.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfReactionsModalElement extends LitElement {
 	static get properties() {
@@ -24,50 +24,57 @@ class TfReactionsModalElement extends LitElement {
 	render() {
 		let self = this;
 		return this.votes?.length
-			? html` <div
-					class="w3-modal w3-animate-opacity"
-					style="display: block; box-sizing: border-box; z-index: 10"
-					@click=${this.clear}
-				>
+			? html` <style>
+						${generate_theme()}
+					</style>
 					<div
-						class="w3-modal-content w3-card-4 w3-theme-d1"
-						onclick="event.stopPropagation()"
+						class="w3-modal w3-animate-opacity"
+						style="display: block; box-sizing: border-box; z-index: 10"
+						@click=${this.clear}
 					>
-						<div class="w3-container w3-padding">
-							<header class="w3-container">
-								<h2>Reactions</h2>
-								<span class="w3-button w3-display-topright" @click=${this.clear}
-									>&times;</span
-								>
-							</header>
-							<ul class="w3-theme-dark w3-container w3-ul">
-								${this.votes
-									.sort((x, y) => y.timestamp - x.timestamp)
-									.map(
-										(x) => html`
-											<li style="display: flex; flex-direction: row; gap: 4px">
-												<span style="flex-basis: 3em"
-													>${x?.content?.vote?.expression}</span
+						<div
+							class="w3-modal-content w3-card-4 w3-theme-d1"
+							onclick="event.stopPropagation()"
+						>
+							<div class="w3-container w3-padding">
+								<header class="w3-container">
+									<h2>Reactions</h2>
+									<span
+										class="w3-button w3-display-topright"
+										@click=${this.clear}
+										>&times;</span
+									>
+								</header>
+								<ul class="w3-theme-dark w3-container w3-ul">
+									${this.votes
+										.sort((x, y) => y.timestamp - x.timestamp)
+										.map(
+											(x) => html`
+												<li
+													style="display: flex; flex-direction: row; gap: 4px"
 												>
-												<tf-user
-													style="flex: 1 1"
-													id=${x.author}
-													.users=${this.users}
-												></tf-user>
-												<span
-													style="flex-shrink: 1; white-space: nowrap; overflow: hidden; text-overflow: ellipsis"
-													>${new Date(x?.timestamp).toLocaleString()}</span
-												>
-											</li>
-										`
-									)}
-							</ul>
-							<footer class="w3-container w3-padding">
-								<button class="w3-button" @click=${this.clear}>Close</button>
-							</footer>
+													<span style="flex-basis: 3em"
+														>${x?.content?.vote?.expression}</span
+													>
+													<tf-user
+														style="flex: 1 1; overflow: hidden"
+														id=${x.author}
+														.users=${this.users}
+													></tf-user>
+													<span
+														style="flex-shrink: 1; white-space: nowrap; overflow: hidden; text-overflow: ellipsis"
+														>${new Date(x?.timestamp).toLocaleString()}</span
+													>
+												</li>
+											`
+										)}
+								</ul>
+								<footer class="w3-container w3-padding">
+									<button class="w3-button" @click=${this.clear}>Close</button>
+								</footer>
+							</div>
 						</div>
-					</div>
-				</div>`
+					</div>`
 			: undefined;
 	}
 }
--- a/apps/ssb/tf-styles.js
+++ b/apps/ssb/tf-styles.js
@@ -1,4 +1,5 @@
-import {css, unsafeCSS} from './lit-all.min.js';
+import {css, unsafeCSS, until} from './lit-all.min.js';
+import * as tfrpc from '/static/tfrpc.js';

 const tf = css`
 	img {
@@ -408,16 +409,8 @@ function is_dark(hex, value) {
 	return (r * 299 + g * 587 + b * 114) / 1000 < value;
 }

-function generated() {
-	let now = new Date();
-	let k_color = rgb_to_hex([
-		(now.getDay() * 128) / 6,
-		(now.getHours() * 128) / 23,
-		(now.getSeconds() * 128) / 59,
-	]);
-	//let k_color = '#034f84';
-	//let k_color = rgb_to_hex([Math.random() * 256, Math.random() * 256, Math.random() * 256]);
-	let [r, g, b] = hex_to_rgb(k_color);
+export function generate(color) {
+	let [r, g, b] = hex_to_rgb(color);
 	let [h, s, l] = rgb_to_hsl(r, g, b);

 	let theme1 = {
@@ -461,4 +454,28 @@ function generated() {
 	return unsafeCSS(result);
 }

-export let styles = [tf, w3, generated()];
+let g_theme;
+export function generate_theme() {
+	return g_theme
+		? g_theme
+		: until(
+				tfrpc.rpc.localStorageGet('color').then(function (value) {
+					g_theme = generate(value ?? '#034f84');
+					return g_theme;
+				}),
+				generated_now()
+			);
+}
+
+function generated_now() {
+	let now = new Date();
+	return generate(
+		rgb_to_hex([
+			(now.getDay() * 128) / 6,
+			(now.getHours() * 128) / 23,
+			(now.getSeconds() * 128) / 59,
+		])
+	);
+}
+
+export let styles = [tf, w3];
--- a/apps/ssb/tf-tab-connections.js
+++ b/apps/ssb/tf-tab-connections.js
@@ -1,6 +1,6 @@
 import {LitElement, html} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfTabConnectionsElement extends LitElement {
 	static get properties() {
@@ -15,6 +15,7 @@ class TfTabConnectionsElement extends LitElement {
 			connect_attempt: {type: Object},
 			connect_message: {type: String},
 			connect_success: {type: Boolean},
+			peer_exchange: {type: Boolean},
 		};
 	}

@@ -47,6 +48,20 @@ class TfTabConnectionsElement extends LitElement {
 		tfrpc.rpc.getServerIdentity().then(function (identity) {
 			self.server_identity = identity;
 		});
+		this.check_peer_exchange();
+	}
+
+	async check_peer_exchange() {
+		if (await tfrpc.rpc.isAdministrator()) {
+			this.peer_exchange = await tfrpc.rpc.globalSettingsGet('peer_exchange');
+		} else {
+			this.peer_exchange = undefined;
+		}
+	}
+
+	async enable_peer_exchange() {
+		await tfrpc.rpc.globalSettingsSet('peer_exchange', true);
+		await this.check_peer_exchange();
 	}

 	render_connection_summary(connection) {
@@ -251,7 +266,26 @@ class TfTabConnectionsElement extends LitElement {
 	render() {
 		let self = this;
 		return html`
+			<style>
+				${generate_theme()}
+			</style>
 			<div class="w3-container" style="box-sizing: border-box">
+				<div
+					class=${'w3-panel w3-padding w3-theme-l3' +
+					(this.peer_exchange !== false ? ' w3-hide' : '')}
+				>
+					<p>
+						Looking for connections? Enabling this option will include publicly
+						advertised rooms and pubs among the list of discovered connections
+						to help you replicate.
+					</p>
+					<button
+						class="w3-button w3-theme-d1"
+						@click=${this.enable_peer_exchange}
+					>
+						🔍🌐 Use publicly advertised peers
+					</button>
+				</div>
 				<h2>New Connection</h2>
 				<textarea class="w3-input w3-theme-d1" id="code"></textarea>
 				${this.render_message(this.renderRoot.getElementById('code')?.value)}
--- a/apps/ssb/tf-tab-news-feed.js
+++ b/apps/ssb/tf-tab-news-feed.js
@@ -1,6 +1,6 @@
 import {LitElement, cache, html, unsafeHTML, until} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfTabNewsFeedElement extends LitElement {
 	static get properties() {
@@ -175,7 +175,6 @@ class TfTabNewsFeedElement extends LitElement {
 				[this.hash.substring(1)]
 			);
 		} else if (this.hash.startsWith('##')) {
-			let t0 = new Date();
 			let initial_messages = await tfrpc.rpc.query(
 				`
 					WITH
@@ -203,12 +202,7 @@ class TfTabNewsFeedElement extends LitElement {
 					k_max_results,
 				]
 			);
-			let t1 = new Date();
 			result = await this._fetch_related_messages(initial_messages);
-			let t2 = new Date();
-			console.log(
-				`load of ${result.length} rows took ${(t2 - t0) / 1000} (${(t1 - t0) / 1000} to find ${initial_messages.length} initial messages, ${(t2 - t1) / 1000} to find ${result.length} total messages) following=${this.following.length} st=${start_time} et=${end_time}`
-			);
 		} else if (this.hash.startsWith('#🔐')) {
 			let ids =
 				this.hash == '#🔐' ? [] : this.hash.substring('#🔐'.length).split(',');
@@ -253,24 +247,32 @@ class TfTabNewsFeedElement extends LitElement {
 				[JSON.stringify(this.following), start_time, end_time, k_max_results]
 			);
 		} else {
-			let t0 = new Date();
 			let initial_messages = await tfrpc.rpc.query(
 				`
+					WITH
+						channels AS (SELECT '#' || value AS value FROM json_each(?5))
 					SELECT TRUE AS is_primary, messages.rowid, messages.id, messages.previous, messages.author, messages.sequence, messages.timestamp, messages.hash, json(messages.content) AS content, messages.signature
-					FROM messages
-					JOIN json_each(?) AS following ON messages.author = following.value
-					WHERE messages.timestamp < ?3 AND (?2 IS NULL OR messages.timestamp >= ?2) AND
-						messages.content ->> 'type' != 'vote'
+							FROM messages
+							JOIN json_each(?1) AS following ON messages.author = following.value
+							WHERE messages.timestamp < ?3 AND (?2 IS NULL OR messages.timestamp >= ?2) AND
+								messages.content ->> 'type' != 'vote' AND
+								(messages.content ->> 'root' IS NULL OR (
+									NOT EXISTS (SELECT * FROM messages root JOIN channels ON ('#' || (root.content ->> 'channel')) = channels.value WHERE root.id = messages.content ->> 'root') AND
+									NOT EXISTS (SELECT * FROM messages root JOIN messages_refs ON root.id = messages.content ->> 'root' JOIN channels ON messages_refs.message = root.id AND messages_refs.ref = channels.value)
+								)) AND
+								(messages.content ->> 'channel' IS NULL OR ('#' || (messages.content ->> 'channel')) NOT IN (SELECT * FROM channels)) AND
+								NOT EXISTS (SELECT * FROM messages_refs JOIN channels ON messages_refs.message = messages.id AND messages_refs.ref = channels.value)
 					ORDER BY timestamp DESC LIMIT ?4
 				`,
-				[JSON.stringify(this.following), start_time, end_time, k_max_results]
+				[
+					JSON.stringify(this.following),
+					start_time,
+					end_time,
+					k_max_results,
+					JSON.stringify(Object.keys(this.channels_latest)),
+				]
 			);
-			let t1 = new Date();
 			result = await this._fetch_related_messages(initial_messages);
-			let t2 = new Date();
-			console.log(
-				`load of ${result.length} rows took ${(t2 - t0) / 1000} (${(t1 - t0) / 1000} to find ${initial_messages.length} initial messages, ${(t2 - t1) / 1000} to find ${result.length} total messages) following=${this.following.length} st=${start_time} et=${end_time}`
-			);
 		}
 		this.time_loading = undefined;
 		return result;
@@ -393,9 +395,13 @@ class TfTabNewsFeedElement extends LitElement {
 				this._messages_hash = this.hash;
 			}
 			this._messages_following = JSON.stringify(this.following);
-			this._private_messages =
-				JSON.stringify(this.private_messages) +
-				JSON.stringify(this.grouped_private_messages);
+			this._private_messages = JSON.stringify([
+				this.private_messages,
+				this.grouped_private_messages,
+			]);
+			this._channels_latest = JSON.stringify(
+				Object.keys(this.channels_latest ?? {})
+			);
 			let now = new Date().valueOf();
 			let start_time = now - 24 * 60 * 60 * 1000;
 			this.start_time = start_time;
@@ -470,11 +476,15 @@ class TfTabNewsFeedElement extends LitElement {
 			this._messages_hash !== this.hash ||
 			this._messages_following !== JSON.stringify(this.following) ||
 			this._private_messages !==
-				JSON.stringify(this.private_messages) +
-					JSON.stringify(this.grouped_private_messages)
+				JSON.stringify([
+					this.private_messages,
+					this.grouped_private_messages,
+				]) ||
+			this._channels_latest !==
+				JSON.stringify(Object.keys(this.channels_latest))
 		) {
 			console.log(
-				`loading messages for ${this.whoami} (following ${this.following.length})`
+				`loading messages for ${this.whoami} (messages=${!this.messages},${this._messages_hash != this.hash} following=${this._messages_following !== JSON.stringify(this.following)}, channels=${this._channels_latest !== JSON.stringify(Object.keys(this.channels_latest))}, private=${this._private_messages !== JSON.stringify([this.private_messages, this.grouped_private_messages])},${this.private_messages?.length},${Object.keys(this.grouped_private_messages ?? {}).length})`
 			);
 			this.load_messages();
 		}
@@ -523,6 +533,9 @@ class TfTabNewsFeedElement extends LitElement {
 			`;
 		}
 		return cache(html`
+			<style>
+				${generate_theme()}
+			</style>
 			${this.unread_allowed()
 				? html`<button
 						class="w3-button w3-theme-d1"
--- a/apps/ssb/tf-tab-news.js
+++ b/apps/ssb/tf-tab-news.js
@@ -7,7 +7,7 @@ import {
 	until,
 } from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfTabNewsElement extends LitElement {
 	static get properties() {
@@ -25,6 +25,7 @@ class TfTabNewsElement extends LitElement {
 			connections: {type: Array},
 			private_messages: {type: Array},
 			grouped_private_messages: {type: Object},
+			visible_private_messages: {type: Object},
 			recent_reactions: {type: Array},
 			peer_exchange: {type: Boolean},
 			is_administrator: {type: Boolean},
@@ -211,35 +212,6 @@ class TfTabNewsElement extends LitElement {
 				>
 					&times;
 				</div>
-				${this.is_administrator
-					? html`
-							<button
-								class="w3-bar-item w3-button"
-								@click=${() =>
-									this.dispatchEvent(
-										new Event('refresh', {bubbles: true, composed: true})
-									)}
-							>
-								<span style="display: inline-block; width: 1.8em">↻</span>
-								Sync now
-							</button>
-							<button
-								class="w3-bar-item w3-button w3-ripple"
-								@click=${() =>
-									this.dispatchEvent(
-										new Event('toggle_stay_connected', {
-											bubbles: true,
-											composed: true,
-										})
-									)}
-							>
-								<span style="display: inline-block; width: 1.8em"
-									>${this.stay_connected ? '🔗' : '⛓️‍💥'}</span
-								>
-								${this.stay_connected ? 'Online mode' : 'Passive mode'}
-							</button>
-						`
-					: undefined}
 				${this.hash.startsWith('##') &&
 				this.channels.indexOf(this.hash.substring(2)) == -1
 					? html`
@@ -248,7 +220,7 @@ class TfTabNewsElement extends LitElement {
 								href="#"
 								class="w3-bar-item w3-button"
 								style="font-weight: bold"
-								>${this.hash.substring(2)}</a
+								>${this.hash.substring(1)}</a
 							>
 						`
 					: undefined}
@@ -271,7 +243,7 @@ class TfTabNewsElement extends LitElement {
 					style=${this.hash == '#👍' ? 'font-weight: bold' : undefined}
 					>${this.unread_status('👍')}👍votes</a
 				>
-				${Object.keys(this?.grouped_private_messages ?? [])
+				${Object.keys(this?.visible_private_messages ?? [])
 					?.sort()
 					?.map(
 						(key) => html`
@@ -335,11 +307,26 @@ class TfTabNewsElement extends LitElement {
 								↻ Sync now
 							</button>
 							<button
-								class=${'w3-bar-item w3-button' +
+								class="w3-bar-item w3-button w3-ripple"
+								@click=${() =>
+									this.dispatchEvent(
+										new Event('toggle_stay_connected', {
+											bubbles: true,
+											composed: true,
+										})
+									)}
+							>
+								<span style="display: inline-block; width: 1.8em"
+									>${this.stay_connected ? '🔗' : '⛓️‍💥'}</span
+								>
+								${this.stay_connected ? 'Online mode' : 'Passive mode'}
+							</button>
+							<button
+								class=${'w3-bar-item w3-button w3-border w3-leftbar w3-rightbar' +
 								(this.peer_exchange !== false ? ' w3-hide' : '')}
 								@click=${this.enable_peer_exchange}
 							>
-								Enable peer exchange
+								🔍🌐 Use publicly advertised peers
 							</button>
 						`
 					: undefined}
@@ -409,9 +396,12 @@ class TfTabNewsElement extends LitElement {
 			</div>`;
 		}
 		return cache(html`
+			<style>
+				${generate_theme()}
+			</style>
 			${this.render_sidebar()}
 			<div
-				style="margin-left: 2in; padding: 0px; top: 0; max-height: 100%; overflow: auto; contain: layout"
+				style="margin-left: 2in; padding: 0px; top: 0; height: 100vh; max-height: 100%; overflow: auto; contain: layout"
 				id="main"
 				class="w3-main"
 			>
@@ -438,7 +428,12 @@ class TfTabNewsElement extends LitElement {
 						>
 							${this.unread_status()}&#9776;
 						</div>
-						Welcome, <tf-user id=${this.whoami} .users=${this.users}></tf-user>!
+						<span
+							style="display: inline-block; width: 100%; max-width: 100%; white-space: nowrap; overflow: hidden"
+						>
+							Welcome,
+							<tf-user id=${this.whoami} .users=${this.users}></tf-user>!
+						</span>
 						${edit_profile}
 					</div>
 					<div>
--- a/apps/ssb/tf-tab-query.js
+++ b/apps/ssb/tf-tab-query.js
@@ -1,136 +0,0 @@
-import {LitElement, html, unsafeHTML} from './lit-all.min.js';
-import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
-
-class TfTabQueryElement extends LitElement {
-	static get properties() {
-		return {
-			whoami: {type: String},
-			users: {type: Object},
-			following: {type: Array},
-			query: {type: String},
-			expanded: {type: Object},
-			results: {type: Array},
-			error: {type: Object},
-			duration: {type: Number},
-		};
-	}
-
-	static styles = styles;
-
-	constructor() {
-		super();
-		let self = this;
-		this.whoami = null;
-		this.users = {};
-		this.following = [];
-		this.expanded = {};
-		this.duration = undefined;
-	}
-
-	async search(query) {
-		console.log('Searching...', this.whoami, query);
-		this.results = [];
-		this.error = undefined;
-		this.duration = undefined;
-		let search = this.renderRoot.getElementById('search');
-		if (search) {
-			search.value = query;
-			search.focus();
-		}
-		await tfrpc.rpc.setHash('#sql=' + encodeURIComponent(query));
-		let start_time = new Date();
-		try {
-			this.results = await tfrpc.rpc.query(query, []);
-		} catch (error) {
-			this.error = error;
-		}
-		let end_time = new Date();
-		this.duration = (end_time - start_time).valueOf();
-		console.log('Done.');
-		search = this.renderRoot.getElementById('search');
-		if (search) {
-			search.value = query;
-			search.focus();
-		}
-	}
-
-	search_keydown(event) {
-		if (event.keyCode == 13 && event.ctrlKey) {
-			this.query = this.renderRoot.getElementById('search').value;
-			event.preventDefault();
-		}
-	}
-
-	on_expand(event) {
-		if (event.detail.expanded) {
-			let expand = {};
-			expand[event.detail.id] = true;
-			this.expanded = Object.assign({}, this.expanded, expand);
-		} else {
-			delete this.expanded[event.detail.id];
-			this.expanded = Object.assign({}, this.expanded);
-		}
-	}
-
-	render_results() {
-		if (!this.results?.length) {
-			return html`<div>No results.</div>`;
-		} else {
-			let keys = Object.keys(this.results[0]).sort();
-			return html`<table style="width: 100%; max-width: 100%">
-				<tr>
-					${keys.map((key) => html`<th>${key}</th>`)}
-				</tr>
-				${this.results.map(
-					(row) =>
-						html`<tr>
-							${keys.map((key) => html`<td>${row[key]}</td>`)}
-						</tr>`
-				)}
-			</table>`;
-		}
-	}
-
-	render_error() {
-		if (this.error) {
-			return html`<h2 style="color: red">${this.error.message}</h2>
-				<pre style="color: red">${this.error.stack}</pre>`;
-		}
-	}
-
-	render() {
-		if (this.query !== this.last_query) {
-			this.last_query = this.query;
-			this.search(this.query);
-		}
-		let self = this;
-		return html`
-			<div style="display: flex; flex-direction: row; gap: 4px">
-				<textarea
-					id="search"
-					rows="8"
-					class="w3-input w3-theme-d1"
-					style="flex: 1; resize: vertical"
-					@keydown=${this.search_keydown}
-				>
-${this.query}</textarea
-				>
-				<button
-					class="w3-button w3-theme-d1"
-					@click=${(event) =>
-						self.search(self.renderRoot.getElementById('search').value)}
-				>
-					Execute
-				</button>
-			</div>
-			<div ?hidden=${this.duration === undefined}>
-				Took ${this.duration / 1000.0} seconds.
-			</div>
-			<div ?hidden=${this.duration !== undefined}>Executing...</div>
-			${this.render_error()} ${this.render_results()}
-		`;
-	}
-}
-
-customElements.define('tf-tab-query', TfTabQueryElement);
--- a/apps/ssb/tf-tab-search.js
+++ b/apps/ssb/tf-tab-search.js
@@ -1,6 +1,6 @@
 import {LitElement, html, unsafeHTML} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfTabSearchElement extends LitElement {
 	static get properties() {
@@ -11,6 +11,9 @@ class TfTabSearchElement extends LitElement {
 			following: {type: Array},
 			query: {type: String},
 			expanded: {type: Object},
+			messages: {type: Array},
+			results: {type: Array},
+			error: {type: Object},
 		};
 	}

@@ -38,24 +41,40 @@ class TfTabSearchElement extends LitElement {
 			search.select();
 		}
 		await tfrpc.rpc.setHash('#q=' + encodeURIComponent(query));
-		let results = await tfrpc.rpc.query(
-			`
-				SELECT messages.id, messages.previous, messages.author, messages.sequence, messages.timestamp, messages.hash, json(messages.content) AS content, messages.signature
-				FROM messages_fts(?)
-				JOIN messages ON messages.rowid = messages_fts.rowid
-				JOIN json_each(?) AS following ON messages.author = following.value
-				ORDER BY timestamp DESC limit 100
-			`,
-			['"' + query.replace('"', '""') + '"', JSON.stringify(this.following)]
-		);
-		console.log('Done.');
-		search = this.renderRoot.getElementById('search');
-		if (search) {
-			search.value = query;
-			search.focus();
-			search.select();
+		this.error = undefined;
+		this.results = [];
+		this.messages = [];
+		if (query.startsWith('sql:')) {
+			this.messages = [];
+			try {
+				this.results = await tfrpc.rpc.query(
+					query.substring('sql:'.length),
+					[]
+				);
+			} catch (e) {
+				this.results = [];
+				this.error = e;
+			}
+		} else {
+			let results = await tfrpc.rpc.query(
+				`
+					SELECT messages.id, messages.previous, messages.author, messages.sequence, messages.timestamp, messages.hash, json(messages.content) AS content, messages.signature
+					FROM messages_fts(?)
+					JOIN messages ON messages.rowid = messages_fts.rowid
+					JOIN json_each(?) AS following ON messages.author = following.value
+					ORDER BY timestamp DESC limit 100
+				`,
+				['"' + query.replace('"', '""') + '"', JSON.stringify(this.following)]
+			);
+			console.log('Done.');
+			search = this.renderRoot.getElementById('search');
+			if (search) {
+				search.value = query;
+				search.focus();
+				search.select();
+			}
+			this.messages = results;
 		}
-		this.renderRoot.getElementById('news').messages = results;
 	}

 	search_keydown(event) {
@@ -87,6 +106,39 @@ class TfTabSearchElement extends LitElement {
 		tfrpc.rpc.localStorageSet('drafts', JSON.stringify(this.drafts));
 	}

+	render_results() {
+		if (this.error) {
+			return html`<h2 style="color: red">${this.error.message}</h2>
+				<pre style="color: red">${this.error.stack}</pre>`;
+		} else if (this.messages?.length) {
+			return html`<tf-news
+				id="news"
+				whoami=${this.whoami}
+				.messages=${this.messages}
+				.users=${this.users}
+				.expanded=${this.expanded}
+				.drafts=${this.drafts}
+				@tf-expand=${this.on_expand}
+				@tf-draft=${this.draft}
+			></tf-news>`;
+		} else if (this.results?.length) {
+			let keys = Object.keys(this.results[0]).sort();
+			return html`<table style="width: 100%; max-width: 100%">
+				<tr>
+					${keys.map((key) => html`<th>${key}</th>`)}
+				</tr>
+				${this.results.map(
+					(row) =>
+						html`<tr>
+							${keys.map((key) => html`<td>${row[key]}</td>`)}
+						</tr>`
+				)}
+			</table>`;
+		} else {
+			return html`<div>No results.</div>`;
+		}
+	}
+
 	render() {
 		if (this.query !== this.last_query) {
 			this.last_query = this.query;
@@ -94,11 +146,14 @@ class TfTabSearchElement extends LitElement {
 		}
 		let self = this;
 		return html`
-			<div style="display: flex; flex-direction: row; gap: 4px">
-				<input type="text" class="w3-input w3-theme-d1" id="search" value=${this.query} style="flex: 1" @keydown=${this.search_keydown}></input>
-				<button class="w3-button w3-theme-d1" @click=${(event) => self.search(self.renderRoot.getElementById('search').value)}>Search</button>
+			<style>${generate_theme()}</style>
+			<div class="w3-padding">
+				<div style="display: flex; flex-direction: row; gap: 4px">
+					<input type="text" class="w3-input w3-theme-d1" id="search" value=${this.query} style="flex: 1" @keydown=${this.search_keydown}></input>
+					<button class="w3-button w3-theme-d1" @click=${(event) => self.search(self.renderRoot.getElementById('search').value)}>Search</button>
+				</div>
+				${this.render_results()}
 			</div>
-			<tf-news id="news" whoami=${this.whoami} .messages=${this.messages} .users=${this.users} .expanded=${this.expanded} .drafts=${this.drafts} @tf-expand=${this.on_expand} @tf-draft=${this.draft}></tf-news>
 		`;
 	}
 }
--- a/apps/ssb/tf-tag.js
+++ b/apps/ssb/tf-tag.js
@@ -1,5 +1,5 @@
 import {LitElement, html, unsafeHTML} from './lit-all.min.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfTagElement extends LitElement {
 	static get properties() {
@@ -17,11 +17,15 @@ class TfTagElement extends LitElement {

 	render() {
 		let number = this.count ? html` (${this.count})` : undefined;
-		return html`<a
-			href=${'#' + encodeURIComponent(this.tag)}
-			class="w3-tag w3-theme-d1 w3-round-4 w3-button"
-			>${this.tag}${number}</a
-		> `;
+		return html`
+			<style>
+				${generate_theme()}</style
+			><a
+				href=${'#' + encodeURIComponent(this.tag)}
+				class="w3-tag w3-theme-d1 w3-round-4 w3-button"
+				>${this.tag}${number}</a
+			>
+		`;
 	}
 }

--- a/apps/ssb/tf-user.js
+++ b/apps/ssb/tf-user.js
@@ -1,6 +1,6 @@
 import {LitElement, html} from './lit-all.min.js';
 import * as tfrpc from '/static/tfrpc.js';
-import {styles} from './tf-styles.js';
+import {styles, generate_theme} from './tf-styles.js';

 class TfUserElement extends LitElement {
 	static get properties() {
@@ -58,12 +58,15 @@ class TfUserElement extends LitElement {
 				/>`;
 			}
 		}
-		return html` <div
-			style=${'display: inline-block; vertical-align: middle; text-wrap: nowrap; max-width: 100%; overflow: hidden; text-overflow: ellipsis' +
-			(this.nolink ? '' : '; font-weight: bold')}
-		>
-			${image} ${name}
-		</div>`;
+		return html` <style>
+				${generate_theme()}
+			</style>
+			<div
+				style=${'display: inline-block; vertical-align: middle; text-wrap: nowrap; max-width: 100%; overflow: hidden; text-overflow: ellipsis' +
+				(this.nolink ? '' : '; font-weight: bold')}
+			>
+				${image} ${name}
+			</div>`;
 	}
 }

--- a/apps/ssb/tf-utils.js
+++ b/apps/ssb/tf-utils.js
@@ -104,12 +104,12 @@ export function markdown(md) {
 					node.destination.startsWith('@') &&
 					node.destination.endsWith('.ed25519')
 				) {
-					node.destination = '#' + node.destination;
+					node.destination = '#' + encodeURIComponent(node.destination);
 				} else if (
 					node.destination.startsWith('%') &&
 					node.destination.endsWith('.sha256')
 				) {
-					node.destination = '#' + node.destination;
+					node.destination = '#' + encodeURIComponent(node.destination);
 				} else if (
 					node.destination.startsWith('&') &&
 					node.destination.endsWith('.sha256')
--- a/apps/trace.json
+++ b/apps/trace.json
@@ -0,0 +1,5 @@
+{
+	"type": "tildefriends-app",
+	"emoji": "📦",
+	"previous": "&mhBOscDHiJ4VNnod27NOdRVC+4cXYZXIdYjsQBfmTYg=.sha256"
+}
--- a/apps/trace/app.js
+++ b/apps/trace/app.js
@@ -0,0 +1,27 @@
+async function main() {
+	let speedscope_js = await utf8Decode(
+		getFile('speedscope/speedscope-432XE7GS.js')
+	);
+	speedscope_js = speedscope_js.replace(/alert\(`Cannot load.*?return/, '');
+	app.setDocument(`
+		<!DOCTYPE html>
+		<html>
+			<head>
+				<meta charset="UTF-8">
+				<meta name="viewport" content="width=device-width, initial-scale=1.0">
+				<meta http-equiv="X-UA-Compatible" content="ie=edge">
+				<title>speedscope</title>
+				<link rel="stylesheet" href="speedscope/speedscope-GHPHNKXC.css">
+			</head>
+			<body>
+				<script>
+					delete window.localStorage;
+					window.location.hash = '#profileURL=${core.url}../../trace';
+				</script>
+				<script>${speedscope_js}</script>
+			</body>
+		</html>
+	`);
+}
+
+main();
--- a/apps/trace/speedscope/LICENSE
+++ b/apps/trace/speedscope/LICENSE
--- a/apps/trace/speedscope/README
+++ b/apps/trace/speedscope/README
--- a/apps/trace/speedscope/SourceCodePro-Regular.ttf-ILST5JV6.woff2
+++ b/apps/trace/speedscope/SourceCodePro-Regular.ttf-ILST5JV6.woff2
--- a/apps/trace/speedscope/favicon-16x16-V2DMIAZS.js
+++ b/apps/trace/speedscope/favicon-16x16-V2DMIAZS.js
--- a/apps/trace/speedscope/favicon-16x16-VSI62OPJ.png
+++ b/apps/trace/speedscope/favicon-16x16-VSI62OPJ.png
--- a/apps/trace/speedscope/favicon-32x32-3EB2YCUY.png
+++ b/apps/trace/speedscope/favicon-32x32-3EB2YCUY.png
--- a/apps/trace/speedscope/favicon-32x32-THY3JDJL.js
+++ b/apps/trace/speedscope/favicon-32x32-THY3JDJL.js
--- a/apps/trace/speedscope/favicon-FOKUP5Y5.ico
+++ b/apps/trace/speedscope/favicon-FOKUP5Y5.ico
--- a/apps/trace/speedscope/favicon-M34RF7BI.js
+++ b/apps/trace/speedscope/favicon-M34RF7BI.js
--- a/apps/trace/speedscope/file-format-schema.json
+++ b/apps/trace/speedscope/file-format-schema.json
--- a/apps/trace/speedscope/index.html
+++ b/apps/trace/speedscope/index.html
@@ -11,7 +11,7 @@
    <link rel="icon" type="image/x-icon" href="favicon-FOKUP5Y5.ico">
  </head>
  <body>
-    <script src="speedscope-HCR63FMT.js"></script>
+    <script src="speedscope-432XE7GS.js"></script>
    
    
    
--- a/apps/trace/speedscope/perf-vertx-stacks-01-collapsed-all-ZNUIGAJL.txt
+++ b/apps/trace/speedscope/perf-vertx-stacks-01-collapsed-all-ZNUIGAJL.txt
--- a/apps/trace/speedscope/release.txt
+++ b/apps/trace/speedscope/release.txt
@@ -0,0 +1,3 @@
+speedscope@1.24.0
+Mon Oct 20 18:11:29 PDT 2025
+fc76932551754a442cd5c4f0afdba28032d14d8a
--- a/apps/trace/speedscope/source-code-pro.LICENSE.md
+++ b/apps/trace/speedscope/source-code-pro.LICENSE.md
--- a/apps/trace/speedscope/speedscope-432XE7GS.js
+++ b/apps/trace/speedscope/speedscope-432XE7GS.js
--- a/apps/trace/speedscope/speedscope-GHPHNKXC.css
+++ b/apps/trace/speedscope/speedscope-GHPHNKXC.css
--- a/apps/welcome.json
+++ b/apps/welcome.json
@@ -1,5 +1,5 @@
 {
 	"type": "tildefriends-app",
 	"emoji": "👋",
-	"previous": "&5NkMRSgcMqCYF3xcLOBmaytkoxfV9zx4br7JladKPTs=.sha256"
+	"previous": "&n1QkPkB5JoduFSx8UKOY3IlZqS2GwLiTUZv4ZrEOthQ=.sha256"
 }
--- a/apps/welcome/index.html
+++ b/apps/welcome/index.html
@@ -104,7 +104,7 @@
 												src="googleplay.svg"
 												style="height: 2em; margin: 0"
 											/>
-											Get it on Google Play (Open Testing)
+											Get it on Google Play
 										</a>
 										<a
 											class="w3-button w3-round-large w3-padding w3-blue-gray w3-margin-top"
@@ -298,7 +298,7 @@

 		<!-- Technlology Section -->
 		<div class="w3-container w3-padding-64 w3-light-grey w3-center">
-			<h1 class="w3-jumbo"><b>Built the Old Fashioned Way</b></h1>
+			<h1 class="w3-jumbo"><b>Built to Last</b></h1>
 			<p>
 				Tilde Friends strives to use only simple and widely adopted dependencies
 				in order to keep it easy to build for all sorts of platforms and
@@ -340,10 +340,6 @@
 					<i class="fa fa-lock w3-text-purple w3-jumbo"></i>
 					<p>libsodium</p>
 				</a>
-				<a href="https://github.com/openssl/openssl/releases" class="w3-col s3">
-					<i class="fa fa-shield-halved w3-text-green w3-jumbo"></i>
-					<p>OpenSSL</p>
-				</a>
 				<a
 					href="https://github.com/ianlancetaylor/libbacktrace"
 					class="w3-col s3"
@@ -351,13 +347,13 @@
 					<i class="fa fa-burst w3-text-pink w3-jumbo"></i>
 					<p>libbacktrace</p>
 				</a>
-			</div>
-
-			<div class="w3-row" style="margin-top: 64px">
 				<a href="https://codemirror.net/docs/changelog/" class="w3-col s3">
 					<i class="fa fa-keyboard w3-text-indigo w3-jumbo"></i>
 					<p>CodeMirror</p>
 				</a>
+			</div>
+
+			<div class="w3-row" style="margin-top: 64px">
 				<a href="https://github.com/jlfwong/speedscope/" class="w3-col s3">
 					<i class="fa fa-microscope w3-text-orange w3-jumbo"></i>
 					<p>Speedscope</p>
@@ -370,9 +366,6 @@
 					<i class="fa fa-book-atlas w3-text-purple w3-jumbo"></i>
 					<p>c-ares</p>
 				</a>
-			</div>
-
-			<div class="w3-row" style="margin-top: 64px">
 				<a href="https://www.gnu.org/software/make/" class="w3-col s3">
 					<i class="fa fa-hammer w3-text-teal w3-jumbo"></i>
 					<p>GNU Make</p>
--- a/core/app.js
+++ b/core/app.js
@@ -149,7 +149,7 @@ exports.app_socket = async function socket(request, response) {
 								parentApp: parentApp,
 								id: blobId,
 							},
-							await ssb.getIdentityInfo(
+							await ssb_internal.getIdentityInfo(
 								credentials?.session?.name,
 								packageOwner,
 								packageName
--- a/core/auth.html
+++ b/core/auth.html
@@ -75,6 +75,10 @@
 								margin-bottom: 1em;
 								padding: 1em;
 							}
+							#code_of_conduct:has(>textarea:empty) {
+								display: none;
+								width: 100%;
+							}
 						</style>
 						<div style="display: flex; flex-direction: column; max-width: 1280px; margin: auto">
 							<h1 ?hidden=${this.name}>Welcome.</h1>
@@ -126,8 +130,10 @@
 								There is currently no administrator.  You will be made administrator.
 							</div>

-							<h2>Code of Conduct</h2>
-							<textarea readonly rows="20" cols="80" style="resize: none">${this.code_of_conduct}</textarea>
+							<div id="code_of_conduct">
+								<h2>Code of Conduct</h2>
+								<textarea readonly rows="20" style="resize: none; width: 100%">${this.code_of_conduct}</textarea>
+							</div>
 						</div>
 					`;
 				}
--- a/core/client.js
+++ b/core/client.js
@@ -9,18 +9,17 @@
 import {LitElement, html, css, svg} from '/lit/lit-all.min.js';

 let cm6;
-let gSocket;

-let gCurrentFile;
-let gFiles = {};
-let gApp = {files: {}, emoji: '📦'};
-let gEditor;
-let gOriginalInput;
-let gUnloading;
+let g_socket;
+let g_current_file;
+let g_files = {};
+let g_app = {files: {}, emoji: '📦'};
+let g_editor;
+let g_unloading;

-let kErrorColor = '#dc322f';
-let kDisconnectColor = '#f00';
-let kStatusColor = '#fff';
+let k_color_error = '#dc322f';
+let k_color_disconnect = '#f00';
+let k_color_status = '#fff';
 /** \endcond */

 /** Functions that server-side app code can call through the app object. */
@@ -30,7 +29,10 @@ const k_api = {
 	error: {args: ['error'], func: api_error},
 	localStorageSet: {args: ['key', 'value'], func: api_localStorageSet},
 	localStorageGet: {args: ['key'], func: api_localStorageGet},
-	requestPermission: {args: ['permission', 'id'], func: api_requestPermission},
+	requestPermission: {
+		args: ['permission', 'id', 'description'],
+		func: api_requestPermission,
+	},
 	print: {args: ['...'], func: api_print},
 	setHash: {args: ['hash'], func: api_setHash},
 };
@@ -370,16 +372,15 @@ class TfNavigationElement extends LitElement {
 					>${this.version?.number}</span
 				>
 				<a
-					class="w3-bar-item"
+					class="w3-bar-item w3-button w3-text-white"
 					accesskey="h"
 					@mouseover=${set_access_key_title}
 					data-tip="Open home app."
 					href="/"
-					style="color: #fff; white-space: nowrap"
 					>TF</a
 				>
 				<a
-					class="w3-bar-item"
+					class="w3-bar-item w3-button w3-text-light-gray"
 					accesskey="a"
 					@mouseover=${set_access_key_title}
 					data-tip="Open apps list."
@@ -387,7 +388,7 @@ class TfNavigationElement extends LitElement {
 					>apps</a
 				>
 				<a
-					class="w3-bar-item"
+					class="w3-bar-item w3-button w3-text-light-gray"
 					accesskey="e"
 					@mouseover=${set_access_key_title}
 					data-tip="Toggle the app editor."
@@ -396,7 +397,7 @@ class TfNavigationElement extends LitElement {
 					>edit</a
 				>
 				<a
-					class="w3-bar-item"
+					class="w3-bar-item w3-button"
 					accesskey="p"
 					@mouseover=${set_access_key_title}
 					data-tip="View and change permissions."
@@ -410,7 +411,7 @@ class TfNavigationElement extends LitElement {
 							<link type="text/css" rel="stylesheet" href="/static/w3.css" />
 							<div
 								class="w3-bar-item"
-								style="color: ${this.status.color ?? kStatusColor}"
+								style="color: ${this.status.color ?? k_color_status}"
 							>
 								${this.status.message}
 							</div>
@@ -429,7 +430,7 @@ class TfNavigationElement extends LitElement {
 					<div class="w3-model w3-animate-top" style="position: absolute; left: 50%; transform: translate(-50%); z-index: 1">
 						<dijv class="w3-modal-content w3-card-4" style="display: block; padding: 1em">
 							<span id="close_error" @click=${self.clear_error} class="w3-button w3-display-topright">&times;</span>
-							<div style="color: ${this.status.color ?? kErrorColor}"><b>ERROR:</b><p id="error" style="white-space: pre">${this.status.message}</p></div>
+							<div style="color: ${this.status.color ?? k_color_error}"><b>ERROR:</b><p id="error" style="white-space: pre">${this.status.message}</p></div>
 						</div>
 					</div>
 					`
@@ -438,6 +439,9 @@ class TfNavigationElement extends LitElement {
 	}
 }

+/**
+ * Create a tf-navigation element.
+ */
 customElements.define('tf-navigation', TfNavigationElement);

 /**
@@ -518,7 +522,7 @@ class TfFilesElement extends LitElement {
 		for (let file of event.dataTransfer.files) {
 			let buffer = await file.arrayBuffer();
 			let text = new TextDecoder('latin1').decode(buffer);
-			gFiles[file.name] = {
+			g_files[file.name] = {
 				doc: cm6.EditorState.create({
 					doc: text,
 					extensions: cm6.extensions,
@@ -526,9 +530,9 @@ class TfFilesElement extends LitElement {
 				buffer: buffer,
 				isNew: true,
 			};
-			gCurrentFile = file.name;
+			g_current_file = file.name;
 		}
-		openFile(gCurrentFile);
+		openFile(g_current_file);
 		updateFiles();
 	}

@@ -892,11 +896,11 @@ async function edit() {
 		: 'flex';

 	try {
-		if (!gEditor) {
+		if (!g_editor) {
 			cm6 = await import('/codemirror/cm6.js');
-			gEditor = cm6.TildeFriendsEditorView(document.getElementById('editor'));
+			g_editor = cm6.TildeFriendsEditorView(document.getElementById('editor'));
 		}
-		gEditor.onDocChange = updateFiles;
+		g_editor.onDocChange = updateFiles;
 		await load();
 	} catch (error) {
 		alert(`${error.message}\n\n${error.stack}`);
@@ -908,7 +912,7 @@ async function edit() {
 * Open a performance trace.
 */
 function trace() {
-	window.open(`/speedscope/#profileURL=${encodeURIComponent('/trace')}`);
+	window.open(`/~core/trace/`);
 }

 /**
@@ -929,13 +933,13 @@ function loadFile(name, id) {
 			return response.text();
 		})
 		.then(function (text) {
-			gFiles[name].doc = cm6.EditorState.create({
+			g_files[name].doc = cm6.EditorState.create({
 				doc: text,
 				extensions: cm6.extensions,
 			});
-			gFiles[name].original = gFiles[name].doc.doc.toString();
-			if (!Object.values(gFiles).some((x) => !x.doc)) {
-				openFile(Object.keys(gFiles).sort()[0]);
+			g_files[name].original = g_files[name].doc.doc.toString();
+			if (!Object.values(g_files).some((x) => !x.doc)) {
+				openFile(Object.keys(g_files).sort()[0]);
 			}
 		});
 }
@@ -953,31 +957,31 @@ async function load(path) {
 	} else if (response.status != 404) {
 		throw new Error(response.status + ' ' + response.statusText);
 	}
-	gFiles = {};
+	g_files = {};
 	let isApp = false;
 	let promises = [];

 	if (json && json['type'] == 'tildefriends-app') {
 		isApp = true;
 		Object.keys(json['files']).forEach(function (name) {
-			gFiles[name] = {};
+			g_files[name] = {};
 			promises.push(loadFile(name, json['files'][name]));
 		});
 		if (Object.keys(json['files']).length == 0) {
 			document.getElementById('editPane').style.display = 'flex';
 		}
-		gApp = json;
-		gApp.emoji = gApp.emoji || '📦';
-		document.getElementById('icon').innerHTML = gApp.emoji;
+		g_app = json;
+		g_app.emoji = g_app.emoji || '📦';
+		document.getElementById('icon').innerHTML = g_app.emoji;
 	}
 	if (!isApp) {
 		document.getElementById('editPane').style.display = 'flex';
 		let text = '// New script.\n';
-		gCurrentFile = 'app.js';
-		gFiles[gCurrentFile] = {
+		g_current_file = 'app.js';
+		g_files[g_current_file] = {
 			doc: cm6.EditorState.create({doc: text, extensions: cm6.extensions}),
 		};
-		openFile(gCurrentFile);
+		openFile(g_current_file);
 	}
 	return Promise.all(promises);
 }
@@ -998,13 +1002,14 @@ function closeEditor() {
 */
 function save(save_to) {
 	document.getElementById('save').disabled = true;
-	if (gCurrentFile) {
-		gFiles[gCurrentFile].doc = gEditor.state;
+	if (g_current_file) {
+		g_files[g_current_file].doc = g_editor.state;
 		if (
-			!gFiles[gCurrentFile].isNew &&
-			!gFiles[gCurrentFile].doc.doc.toString() == gFiles[gCurrentFile].original
+			!g_files[g_current_file].isNew &&
+			!g_files[g_current_file].doc.doc.toString() ==
+				g_files[g_current_file].original
 		) {
-			delete gFiles[gCurrentFile].buffer;
+			delete g_files[g_current_file].buffer;
 		}
 	}

@@ -1019,8 +1024,8 @@ function save(save_to) {
 	}

 	let promises = [];
-	for (let name of Object.keys(gFiles)) {
-		let file = gFiles[name];
+	for (let name of Object.keys(g_files)) {
+		let file = g_files[name];
 		if (!file.isNew && file.doc.doc.toString() == file.original) {
 			continue;
 		}
@@ -1062,14 +1067,14 @@ function save(save_to) {
 			let app = {
 				type: 'tildefriends-app',
 				files: Object.fromEntries(
-					Object.keys(gFiles).map((x) => [x, gFiles[x].id || gApp.files[x]])
+					Object.keys(g_files).map((x) => [x, g_files[x].id || g_app.files[x]])
 				),
-				emoji: gApp.emoji || '📦',
+				emoji: g_app.emoji || '📦',
 			};
-			Object.values(gFiles).forEach(function (file) {
+			Object.values(g_files).forEach(function (file) {
 				delete file.id;
 			});
-			gApp = JSON.parse(JSON.stringify(app));
+			g_app = JSON.parse(JSON.stringify(app));

 			return fetch(save_path + 'save', {
 				method: 'POST',
@@ -1084,7 +1089,7 @@ function save(save_to) {

 				if (save_path != window.location.pathname) {
 					alert('Saved to ' + save_path + '.');
-				} else if (!gFiles['app.js']) {
+				} else if (!g_files['app.js']) {
 					window.location.reload();
 				} else {
 					reconnect(save_path);
@@ -1096,7 +1101,7 @@ function save(save_to) {
 		})
 		.finally(function () {
 			document.getElementById('save').disabled = false;
-			Object.values(gFiles).forEach(function (file) {
+			Object.values(g_files).forEach(function (file) {
 				file.original = file.doc.doc.toString();
 			});
 			updateFiles();
@@ -1109,8 +1114,8 @@ function save(save_to) {
 function changeIcon() {
 	let value = prompt('Enter a new app icon emoji:');
 	if (value !== undefined) {
-		gApp.emoji = value || '📦';
-		document.getElementById('icon').innerHTML = gApp.emoji;
+		g_app.emoji = value || '📦';
+		document.getElementById('icon').innerHTML = g_app.emoji;
 	}
 }

@@ -1187,9 +1192,12 @@ function api_postMessage(message) {
 function api_error(error) {
 	if (error) {
 		if (typeof error == 'string') {
-			setStatusMessage('⚠️ ' + error, kErrorColor);
+			setStatusMessage('⚠️ ' + error, k_color_error);
 		} else {
-			setStatusMessage('⚠️ ' + error.message + '\n' + error.stack, kErrorColor);
+			setStatusMessage(
+				'⚠️ ' + error.message + '\n' + error.stack,
+				k_color_error
+			);
 		}
 	}
 	console.log('error', error);
@@ -1216,10 +1224,10 @@ function api_localStorageGet(key) {
 /**
 * Request a permission
 * @param permission The permission to request.
- * @param id The id requeesting the permission.
+ * @param description An optional human-readable description of the action for which the permission is being requested.
 * @return A promise fulfilled if the permission was granted.
 */
-function api_requestPermission(permission, id) {
+function api_requestPermission(permission, description) {
 	let outer = document.createElement('div');
 	outer.classList.add('permissions');

@@ -1236,6 +1244,18 @@ function api_requestPermission(permission, id) {
 	div.appendChild(span);
 	container.appendChild(div);

+	if (description) {
+		container.appendChild(document.createTextNode('for the action:'));
+		let description_div = document.createElement('div');
+		description_div.classList.add('w3-border');
+		description_div.classList.add('w3-padding');
+		description_div.style.backgroundColor = '#666';
+		description_div.style.maxHeight = '3em';
+		description_div.style.overflow = 'auto';
+		description_div.appendChild(document.createTextNode(description));
+		container.appendChild(description_div);
+	}
+
 	div = document.createElement('div');
 	div.style = 'padding: 1em';
 	let check = document.createElement('input');
@@ -1306,7 +1326,7 @@ function api_setHash(hash) {
 */
 function _receive_websocket_message(message) {
 	if (message && message.action == 'session') {
-		setStatusMessage('🟢 Executing...', kStatusColor);
+		setStatusMessage('🟢 Executing...', k_color_status);
 		let navigation = document.getElementsByTagName('tf-navigation')[0];
 		navigation.credentials = message.credentials;
 		navigation.identities = message.identities;
@@ -1406,7 +1426,7 @@ function setStatusMessage(message, color) {
 	document.getElementsByTagName('tf-navigation')[0].status = {
 		message: message,
 		color: color,
-		is_error: color == kErrorColor,
+		is_error: color == k_color_error,
 	};
 }

@@ -1416,11 +1436,11 @@ function setStatusMessage(message, color) {
 */
 function send(value) {
 	try {
-		if (gSocket && gSocket.readyState == gSocket.OPEN) {
-			gSocket.send(JSON.stringify(value));
+		if (g_socket && g_socket.readyState == g_socket.OPEN) {
+			g_socket.send(JSON.stringify(value));
 		}
 	} catch (error) {
-		setStatusMessage('🤷 Send failed: ' + error.toString(), kErrorColor);
+		setStatusMessage('🤷 Send failed: ' + error.toString(), k_color_error);
 	}
 }

@@ -1435,7 +1455,7 @@ function hashChange() {
 * Make sure the app is connected on window focus, and notify the app.
 */
 function focus() {
-	if (gSocket && gSocket.readyState == gSocket.CLOSED) {
+	if (g_socket && g_socket.readyState == g_socket.CLOSED) {
 		connectSocket();
 	} else {
 		send({event: 'focus'});
@@ -1446,9 +1466,7 @@ function focus() {
 * Notify the app of lost focus.
 */
 function blur() {
-	if (gSocket && gSocket.readyState == gSocket.OPEN) {
-		send({event: 'blur'});
-	}
+	send({event: 'blur'});
 }

 /**
@@ -1505,8 +1523,8 @@ function message(event) {
 * @param path The path to which the WebSocket should be connected.
 */
 function reconnect(path) {
-	let oldSocket = gSocket;
-	gSocket = null;
+	let oldSocket = g_socket;
+	g_socket = null;
 	if (oldSocket) {
 		oldSocket.onopen = null;
 		oldSocket.onclose = null;
@@ -1521,24 +1539,24 @@ function reconnect(path) {
 * @param path The path to which to connect.
 */
 function connectSocket(path) {
-	if (!gSocket || gSocket.readyState != gSocket.OPEN) {
-		if (gSocket) {
-			gSocket.onopen = null;
-			gSocket.onclose = null;
-			gSocket.onmessage = null;
-			gSocket.close();
+	if (!g_socket || g_socket.readyState != g_socket.OPEN) {
+		if (g_socket) {
+			g_socket.onopen = null;
+			g_socket.onclose = null;
+			g_socket.onmessage = null;
+			g_socket.close();
 		}
-		setStatusMessage('⚪ Connecting...', kStatusColor);
-		gSocket = new WebSocket(
+		setStatusMessage('⚪ Connecting...', k_color_status);
+		g_socket = new WebSocket(
 			(window.location.protocol == 'https:' ? 'wss://' : 'ws://') +
 				window.location.hostname +
 				(window.location.port.length ? ':' + window.location.port : '') +
 				'/app/socket'
 		);
-		gSocket.onopen = function () {
-			setStatusMessage('🟡 Authenticating...', kStatusColor);
+		g_socket.onopen = function () {
+			setStatusMessage('🟡 Authenticating...', k_color_status);
 			let connect_path = path ?? window.location.pathname;
-			gSocket.send(
+			g_socket.send(
 				JSON.stringify({
 					action: 'hello',
 					path: connect_path,
@@ -1550,12 +1568,12 @@ function connectSocket(path) {
 				})
 			);
 		};
-		gSocket.onmessage = function (event) {
+		g_socket.onmessage = function (event) {
 			_receive_websocket_message(JSON.parse(event.data));
 		};
-		gSocket.onclose = function (event) {
-			if (gUnloading) {
-				setStatusMessage('⚪ Closing...', kStatusColor);
+		g_socket.onclose = function (event) {
+			if (g_unloading) {
+				setStatusMessage('⚪ Closing...', k_color_status);
 			} else {
 				const k_codes = {
 					1000: 'Normal closure',
@@ -1576,7 +1594,7 @@ function connectSocket(path) {
 				};
 				setStatusMessage(
 					'🔴 Closed: ' + (k_codes[event.code] || event.code),
-					kDisconnectColor
+					k_color_disconnect
 				);
 			}
 		};
@@ -1589,24 +1607,24 @@ function connectSocket(path) {
 */
 function openFile(name) {
 	let newDoc =
-		name && gFiles[name]
-			? gFiles[name].doc
+		name && g_files[name]
+			? g_files[name].doc
 			: cm6.EditorState.create({doc: '', extensions: cm6.extensions});
-	let oldDoc = gEditor.state;
-	gEditor.setState(newDoc);
+	let oldDoc = g_editor.state;
+	g_editor.setState(newDoc);

-	if (gFiles[gCurrentFile]) {
-		gFiles[gCurrentFile].doc = oldDoc;
+	if (g_files[g_current_file]) {
+		g_files[g_current_file].doc = oldDoc;
 		if (
-			!gFiles[gCurrentFile].isNew &&
-			gFiles[gCurrentFile].doc.doc.toString() == oldDoc.doc.toString()
+			!g_files[g_current_file].isNew &&
+			g_files[g_current_file].doc.doc.toString() == oldDoc.doc.toString()
 		) {
-			delete gFiles[gCurrentFile].buffer;
+			delete g_files[g_current_file].buffer;
 		}
 	}
-	gCurrentFile = name;
+	g_current_file = name;
 	updateFiles();
-	gEditor.focus();
+	g_editor.focus();
 }

 /**
@@ -1616,19 +1634,19 @@ function updateFiles() {
 	let files = document.getElementsByTagName('tf-files-pane')[0];
 	if (files) {
 		files.files = Object.fromEntries(
-			Object.keys(gFiles).map((file) => [
+			Object.keys(g_files).map((file) => [
 				file,
 				{
 					clean:
-						(file == gCurrentFile
-							? gEditor.state.doc.toString()
-							: gFiles[file].doc.doc.toString()) == gFiles[file].original,
+						(file == g_current_file
+							? g_editor.state.doc.toString()
+							: g_files[file].doc.doc.toString()) == g_files[file].original,
 				},
 			])
 		);
-		files.current = gCurrentFile;
+		files.current = g_current_file;
 	}
-	gEditor.focus();
+	g_editor.focus();
 }

 /**
@@ -1636,7 +1654,7 @@ function updateFiles() {
 * @param name The file's name.
 */
 function makeNewFile(name) {
-	gFiles[name] = {
+	g_files[name] = {
 		doc: cm6.EditorState.create({extensions: cm6.extensions}),
 	};
 	openFile(name);
@@ -1647,7 +1665,7 @@ function makeNewFile(name) {
 */
 function newFile() {
 	let name = prompt('Name of new file:', 'file.js');
-	if (name && !gFiles[name]) {
+	if (name && !g_files[name]) {
 		makeNewFile(name);
 	}
 }
@@ -1656,9 +1674,9 @@ function newFile() {
 * Prompt to remove a file.
 */
 function removeFile() {
-	if (confirm('Remove ' + gCurrentFile + '?')) {
-		delete gFiles[gCurrentFile];
-		openFile(Object.keys(gFiles)[0]);
+	if (confirm('Remove ' + g_current_file + '?')) {
+		delete g_files[g_current_file];
+		openFile(Object.keys(g_files)[0]);
 	}
 }

@@ -1674,13 +1692,13 @@ async function appExport() {
 		`${name}.json`,
 		JSON.stringify({
 			type: 'tildefriends-app',
-			emoji: gApp.emoji || '📦',
+			emoji: g_app.emoji || '📦',
 		})
 	);
-	for (let file of Object.keys(gFiles)) {
+	for (let file of Object.keys(g_files)) {
 		zip.file(
 			`${name}/${file}`,
-			gFiles[file].buffer ?? gFiles[file].doc.doc.toString()
+			g_files[file].buffer ?? g_files[file].doc.doc.toString()
 		);
 	}
 	let content = await zip.generateAsync({
@@ -1799,9 +1817,9 @@ async function sourcePretty() {
 	let babel = (await import('/prettier/babel.mjs')).default;
 	let estree = (await import('/prettier/estree.mjs')).default;
 	let prettier_html = (await import('/prettier/html.mjs')).default;
-	let source = gEditor.state.doc.toString();
+	let source = g_editor.state.doc.toString();
 	let formatted = await prettier.format(source, {
-		parser: gCurrentFile?.toLowerCase()?.endsWith('.html') ? 'html' : 'babel',
+		parser: g_current_file?.toLowerCase()?.endsWith('.html') ? 'html' : 'babel',
 		plugins: [babel, estree, prettier_html],
 		trailingComma: 'es5',
 		useTabs: true,
@@ -1810,10 +1828,10 @@ async function sourcePretty() {
 		bracketSpacing: false,
 	});
 	if (source !== formatted) {
-		gEditor.dispatch({
+		g_editor.dispatch({
 			changes: {
 				from: 0,
-				to: gEditor.state.doc.length,
+				to: g_editor.state.doc.length,
 				insert: formatted,
 			},
 		});
@@ -1858,7 +1876,7 @@ window.addEventListener('load', function () {
 	window.addEventListener('message', message, false);
 	window.addEventListener('online', connectSocket);
 	window.addEventListener('beforeunload', function () {
-		gUnloading = true;
+		g_unloading = true;
 	});
 	document.getElementById('name').value = window.location.pathname;
 	document
--- a/core/core.js
+++ b/core/core.js
@@ -7,7 +7,6 @@

 /** \cond */
 import * as app from './app.js';
-import * as http from './http.js';

 export {invoke, getProcessBlob};
 /** \endcond */
@@ -18,6 +17,8 @@ let gProcesses = {};
 let gStatsTimer = false;
 /** Effectively a process ID. */
 let g_handler_index = 0;
+/** Whether updating accounts information is currently scheduled. */
+let g_update_accounts_scheduled;
 /** Time between pings, in milliseconds. */
 const k_ping_interval = 60 * 1000;

@@ -179,6 +180,7 @@ async function getProcessBlob(blobId, key, options) {
 			process.task = new Task();
 			process.packageOwner = options.packageOwner;
 			process.packageName = options.packageName;
+			process.url = options?.url;
 			process.eventHandlers = {};
 			if (!options?.script || options?.script === 'app.js') {
 				process.app = new app.App();
@@ -192,54 +194,13 @@ async function getProcessBlob(blobId, key, options) {
 			});
 			gProcesses[key] = process;
 			process.task.onExit = function (exitCode, terminationSignal) {
-				broadcastEvent('onSessionEnd', [getUser(process, process)]);
 				process.task = null;
 				delete gProcesses[key];
 			};
 			let imports = {
 				core: {
 					broadcast: broadcast.bind(process),
-					register: function (eventName, handler) {
-						if (!process.eventHandlers[eventName]) {
-							process.eventHandlers[eventName] = [];
-						}
-						process.eventHandlers[eventName].push(handler);
-					},
-					unregister: function (eventName, handler) {
-						if (process.eventHandlers[eventName]) {
-							let index = process.eventHandlers[eventName].indexOf(handler);
-							if (index != -1) {
-								process.eventHandlers[eventName].splice(index, 1);
-							}
-							if (process.eventHandlers[eventName].length == 0) {
-								delete process.eventHandlers[eventName];
-							}
-						}
-					},
 					user: getUser(process, process),
-					users: async function () {
-						try {
-							return JSON.parse(await new Database('auth').get('users'));
-						} catch {
-							return [];
-						}
-					},
-					permissionsGranted: async function () {
-						let user = process?.credentials?.session?.name;
-						let settings = await loadSettings();
-						if (
-							user &&
-							options?.packageOwner &&
-							options?.packageName &&
-							settings.userPermissions &&
-							settings.userPermissions[user] &&
-							settings.userPermissions[user][options.packageOwner]
-						) {
-							return settings.userPermissions[user][options.packageOwner][
-								options.packageName
-							];
-						}
-					},
 					allPermissionsGranted: async function () {
 						let user = process?.credentials?.session?.name;
 						let settings = await loadSettings();
@@ -253,12 +214,7 @@ async function getProcessBlob(blobId, key, options) {
 							return settings.userPermissions[user];
 						}
 					},
-					permissionsForUser: async function (user) {
-						let settings = await loadSettings();
-						return settings?.permissions?.[user] ?? [];
-					},
-					getSockets: getSockets,
-					permissionTest: async function (permission) {
+					permissionTest: async function (permission, description) {
 						let user = process?.credentials?.session?.name;
 						let settings = await loadSettings();
 						if (!user || !options?.packageOwner || !options?.packageName) {
@@ -285,7 +241,7 @@ async function getProcessBlob(blobId, key, options) {
 							}
 						} else if (process.app) {
 							return process.app
-								.makeFunction(['requestPermission'])(permission)
+								.makeFunction(['requestPermission'])(permission, description)
 								.then(async function (value) {
 									if (value == 'allow') {
 										await ssb.setUserPermission(
@@ -318,26 +274,26 @@ async function getProcessBlob(blobId, key, options) {
 							throw Error(`Permission denied: ${permission}.`);
 						}
 					},
-					app: {
-						owner: options?.packageOwner,
-						name: options?.packageName,
-					},
-					url: options?.url,
 				},
 			};
 			process.sendIdentities = async function () {
-				process.app.send(
-					Object.assign(
-						{
-							action: 'identities',
-						},
-						await ssb.getIdentityInfo(
-							process?.credentials?.session?.name,
-							options?.packageOwner,
-							options?.packageName
-						)
-					)
+				let identities = await ssb_internal.getIdentityInfo(
+					process?.credentials?.session?.name,
+					options?.packageOwner,
+					options?.packageName
 				);
+				let json = JSON.stringify(identities);
+				if (process._last_sent_identities !== json) {
+					process.app.send(
+						Object.assign(
+							{
+								action: 'identities',
+							},
+							identities
+						)
+					);
+					process._last_sent_identities = json;
+				}
 			};
 			process.setActiveIdentity = async function (identity) {
 				if (
@@ -374,7 +330,7 @@ async function getProcessBlob(blobId, key, options) {
 						options.packageName,
 						'setActiveIdentity',
 						[
-							await ssb.getActiveIdentity(
+							await imports.ssb.getActiveIdentity(
 								process.credentials?.session?.name,
 								options.packageOwner,
 								options.packageName
@@ -387,21 +343,11 @@ async function getProcessBlob(blobId, key, options) {
 				}
 			};
 			if (process.credentials?.permissions?.administration) {
-				imports.core.globalSettingsDescriptions = async function () {
-					let settings = Object.assign({}, defaultGlobalSettings());
-					for (let [key, value] of Object.entries(await loadSettings())) {
-						if (settings[key]) {
-							settings[key].value = value;
-						}
-					}
-					return settings;
-				};
-				imports.core.globalSettingsGet = async function (key) {
-					let settings = await loadSettings();
-					return settings?.[key];
-				};
 				imports.core.globalSettingsSet = async function (key, value) {
-					await imports.core.permissionTest('set_global_setting');
+					await imports.core.permissionTest(
+						'set_global_setting',
+						`Set ${JSON.stringify(key)} to ${JSON.stringify(value)}.`
+					);
 					print('Setting', key, value);
 					let settings = await loadSettings();
 					settings[key] = value;
@@ -481,26 +427,6 @@ async function getProcessBlob(blobId, key, options) {
 				}
 			};
 			imports.ssb.setActiveIdentity = (id) => process.setActiveIdentity(id);
-			imports.ssb.getActiveIdentity = () =>
-				ssb.getActiveIdentity(
-					process.credentials?.session?.name,
-					options.packageOwner,
-					options.packageName
-				);
-			imports.ssb.getOwnerIdentities = function () {
-				if (options.packageOwner) {
-					return ssb.getIdentities(options.packageOwner);
-				}
-			};
-			imports.ssb.getIdentities = function () {
-				if (
-					process.credentials &&
-					process.credentials.session &&
-					process.credentials.session.name
-				) {
-					return ssb.getIdentities(process.credentials.session.name);
-				}
-			};
 			imports.ssb.getPrivateKey = function (id) {
 				if (
 					process.credentials &&
@@ -520,8 +446,18 @@ async function getProcessBlob(blobId, key, options) {
 					process.credentials.session &&
 					process.credentials.session.name
 				) {
+					let action;
+					try {
+						if (message?.type === 'vote' && message?.vote?.expression) {
+							action = `React with ${message?.vote?.expression}.`;
+						} else if (typeof message === 'string') {
+							action = `Post a private message.`;
+						} else {
+							action = `Publish ${'aeiou'.indexOf(message?.type?.toLowerCase()?.substring(0, 1)) != -1 ? 'an' : 'a'} "${message?.type}" message.`;
+						}
+					} catch {}
 					return Promise.resolve(
-						imports.core.permissionTest('ssb_append')
+						imports.core.permissionTest('ssb_append', action)
 					).then(function () {
 						return ssb.appendMessageWithIdentity(
 							process.credentials.session.name,
@@ -570,13 +506,6 @@ async function getProcessBlob(blobId, key, options) {
 					);
 				}
 			};
-			imports.ssb.addEventListener = undefined;
-			imports.ssb.removeEventListener = undefined;
-			imports.ssb.getIdentityInfo = undefined;
-			imports.fetch = async function (url, options) {
-				let settings = await loadSettings();
-				return http.fetch(url, options, settings?.fetch_hosts);
-			};

 			if (
 				process.credentials &&
@@ -680,7 +609,6 @@ async function getProcessBlob(blobId, key, options) {
 			} catch (e) {
 				printError(e);
 			}
-			broadcastEvent('onSessionBegin', [getUser(process, process)]);
 			if (process.app) {
 				process.app.send({action: 'ready', version: version()});
 				await process.sendPermissions();
@@ -703,15 +631,39 @@ async function getProcessBlob(blobId, key, options) {
 	return process;
 }

-ssb.addEventListener('message', function () {
+/**
+ * Send any changed account information.
+ */
+function updateAccounts() {
+	g_update_accounts_scheduled = false;
+	let promises = [];
+	for (let process of Object.values(gProcesses)) {
+		promises.push(process.sendIdentities());
+	}
+	return Promise.all(promises);
+}
+
+/**
+ * SSB message added callback.
+ */
+ssb_internal.addEventListener('message', function () {
 	broadcastEvent('onMessage', [...arguments]);
+
+	if (!g_update_accounts_scheduled) {
+		setTimeout(updateAccounts, 1000);
+		g_update_accounts_scheduled = true;
+	}
 });

-ssb.addEventListener('broadcasts', function () {
+ssb_internal.addEventListener('blob', function () {
+	broadcastEvent('onBlob', [...arguments]);
+});
+
+ssb_internal.addEventListener('broadcasts', function () {
 	broadcastEvent('onBroadcastsChanged', []);
 });

-ssb.addEventListener('connections', function () {
+ssb_internal.addEventListener('connections', function () {
 	broadcastEvent('onConnectionsChanged', []);
 });

--- a/core/eula.html
+++ b/core/eula.html
@@ -0,0 +1,67 @@
+<!doctype html>
+<html>
+	<head>
+		<title>Tilde Friends Usage Agreement</title>
+		<link type="text/css" rel="stylesheet" href="/static/w3.css" />
+		<meta name="viewport" content="width=device-width, initial-scale=1" />
+	</head>
+	<body class="w3-container">
+		<h1>Tilde Friends Usage Agreement</h1>
+		<p>
+			Tilde Friends is an app that enables communication with other users
+			through the
+			<a href="https://ssbc.github.io/scuttlebutt-protocol-guide/"
+				>Secure Scuttlebutt</a
+			>
+			protocol.
+		</p>
+		<h2>Your actions are your responsibility</h2>
+		<p>
+			Apple tolerates no objectionable content or abusive users on their
+			platforms.
+		</p>
+		<p>
+			You are responsible for your own actions within this app. You are
+			responsible for complying with all applicable rules and laws.
+		</p>
+		<h2>You choose what you see</h2>
+		<p>
+			You are in full control of the content you see in Tilde Friends. The peers
+			to which you choose to connect and the users you choose to follow directly
+			determine the content presented to you. Initially you will be following no
+			one with no connections and as a result see no user-generated content.
+		</p>
+		<p>
+			If you encounter objectionable content, you can filter it from your view
+			by blocking the user who posted it. This also makes it so that users
+			following you will not see it as a consequence of following you.
+		</p>
+		<p>
+			The <code>admin</code> app contains a variety of settings that control the
+			types of connections Tilde Friends will make or accept, including whether
+			the app will even accept or make connections at all.
+		</p>
+		<h2>This app is not a service</h2>
+		<p>
+			Tilde Friends is an app. It relies on no servers. The author of this app
+			has no more ability to see or filter what you post or read than any other
+			user of the network.
+		</p>
+		<p>
+			If you believe objectionable content obtained from a service that is
+			running as part of the Secure Scuttlebutt network should be flagged,
+			report it to the operator of the service, generally by contacting the
+			email address listed when visiting the server address in a web browser.
+		</p>
+		<h2>Agreement</h2>
+		<p>
+			If you do not accept these terms, do not use this app. You may close and
+			delete it now.
+		</p>
+		<div class="w3-center w3-margin">
+			<a class="w3-button w3-blue w3-round-large" href="/eula/accept"
+				>Accept Agreement</a
+			>
+		</div>
+	</body>
+</html>
--- a/core/http.js
+++ b/core/http.js
@@ -1,121 +0,0 @@
-/**
- * \file
- * \defgroup tfhttp Tilde Friends HTTP Client JS
- * Tilde Friends server-side HTTP client.
- * @{
- */
-
-/**
- * Parse a URL into protocol, host, path, and port parts.
- * @param url
- * @return An object of the URL parts.
- */
-function parseUrl(url) {
-	// XXX: Hack.
-	let match = url.match(new RegExp('(\\w+)://([^/:]+)(?::(\\d+))?(.*)'));
-	return {
-		protocol: match[1],
-		host: match[2],
-		path: match[4],
-		port: match[3] ? parseInt(match[3]) : match[1] == 'http' ? 80 : 443,
-	};
-}
-
-/**
- * Parse an HTTP response into headers and body content.
- * @param data The response data, headers and body included.
- * @return headers and body data.
- */
-function parseResponse(data) {
-	let firstLine;
-	let headers = {};
-	while (true) {
-		let endLine = data.indexOf('\r\n');
-		let line = data.substring(0, endLine);
-		data = data.substring(endLine + 2);
-		if (!line.length) {
-			break;
-		} else if (!firstLine) {
-			firstLine = line;
-		} else {
-			let colon = line.indexOf(':');
-			headers[line.substring(colon)] = line.substring(colon + 1);
-		}
-	}
-	return {headers: headers, body: data};
-}
-
-/**
- * Make an HTTP request.
- * @param url The URL.
- * @param options Request options.
- * @param allowed_hosts List of allowed hosts.
- * @return A promise resolved with the response headers and body.
- */
-export function fetch(url, options, allowed_hosts) {
-	let parsed = parseUrl(url);
-	return new Promise(function (resolve, reject) {
-		if ((allowed_hosts ?? []).indexOf(parsed.host) == -1) {
-			throw new Error(`fetch() request to host ${parsed.host} is not allowed.`);
-		}
-		let socket = new Socket();
-		let buffer = new Uint8Array(0);
-
-		return socket
-			.connect(parsed.host, parsed.port)
-			.then(function () {
-				socket.read(function (data) {
-					if (data && data.length) {
-						let newBuffer = new Uint8Array(buffer.length + data.length);
-						newBuffer.set(buffer, 0);
-						newBuffer.set(data, buffer.length);
-						buffer = newBuffer;
-					} else {
-						let result = parseHttpResponse(buffer);
-						if (!result) {
-							reject(new Exception('Parse failed.'));
-						}
-						if (typeof result == 'number') {
-							if (result == -2) {
-								reject('Incomplete request.');
-							} else {
-								reject('Bad request.');
-							}
-						} else if (typeof result == 'object') {
-							resolve({
-								body: buffer.slice(result.bytes_parsed),
-								status: result.status,
-								message: result.message,
-								headers: result.headers,
-							});
-						} else {
-							reject(new Exception('Unexpected parse result.'));
-						}
-						resolve(parseResponse(utf8Decode(buffer)));
-					}
-				});
-
-				if (parsed.port == 443) {
-					return socket.startTls();
-				}
-			})
-			.then(function () {
-				let body =
-					typeof options?.body == 'string'
-						? utf8Encode(options.body)
-						: options.body || new Uint8Array(0);
-				let headers = utf8Encode(
-					`${options?.method ?? 'GET'} ${parsed.path} HTTP/1.0\r\nHost: ${parsed.host}\r\nConnection: close\r\nContent-Length: ${body.length}\r\n\r\n`
-				);
-				let fullRequest = new Uint8Array(headers.length + body.length);
-				fullRequest.set(headers, 0);
-				fullRequest.set(body, headers.length);
-				socket.write(fullRequest);
-			})
-			.catch(function (error) {
-				reject(error);
-			});
-	});
-}
-
-/** @} */
--- a/core/index.html
+++ b/core/index.html
@@ -5,7 +5,10 @@
 		<link type="text/css" rel="stylesheet" href="/static/style.css" />
 		<link type="text/css" rel="stylesheet" href="/static/w3.css" />
 		<link type="image/svg+xml" rel="icon" href="/static/tildefriends.svg" />
-		<meta name="viewport" content="width=device-width, initial-scale=1" />
+		<meta
+			name="viewport"
+			content="width=device-width, initial-scale=1, maximum-scale=1"
+		/>
 		<meta
 			name="title"
 			content="Tilde Friends - Make friends and apps from your web browser."
--- a/core/style.css
+++ b/core/style.css
@@ -152,4 +152,5 @@ body {
 	border-bottom: 4px solid #fff;
 	padding: 1em;
 	margin: 0 auto;
+	max-width: 80%;
 }
--- a/default.nix
+++ b/default.nix
@@ -25,14 +25,14 @@
 }:
 pkgs.stdenv.mkDerivation rec {
  pname = "tildefriends";
-  version = "0.0.33";
+  version = "0.2025.9";

  src = pkgs.fetchFromGitea {
    domain = "dev.tildefriends.net";
    owner = "cory";
    repo = "tildefriends";
    rev = "v${version}";
-    hash = "sha256-9D28gmaBTRVyXhY3zZd/W9PsXA1YZt/K69hz41aVP04=";
+    hash = "sha256-1nhsfhdOO5HIiiTMb+uROB8nDPL/UpOYm52hZ/OpPyk=";
    fetchSubmodules = true;
  };

--- a/deps/codemirror/cm6.js
+++ b/deps/codemirror/cm6.js
--- a/deps/codemirror_src/package-lock.json
+++ b/deps/codemirror_src/package-lock.json
@@ -19,9 +19,9 @@
      }
    },
    "node_modules/@codemirror/autocomplete": {
-      "version": "6.18.6",
-      "resolved": "https://registry.npmjs.org/@codemirror/autocomplete/-/autocomplete-6.18.6.tgz",
-      "integrity": "sha512-PHHBXFomUs5DF+9tCOM/UoW6XQ4R44lLNNhRaW9PKPTU0D7lIjRg3ElxaJnTwsl/oHiR93WSXDBrekhoUGCPtg==",
+      "version": "6.20.0",
+      "resolved": "https://registry.npmjs.org/@codemirror/autocomplete/-/autocomplete-6.20.0.tgz",
+      "integrity": "sha512-bOwvTOIJcG5FVo5gUUupiwYh8MioPLQ4UcqbcRf7UQ98X90tCa9E1kZ3Z7tqwpZxYyOvh1YTYbmZE9RTfTp5hg==",
      "license": "MIT",
      "dependencies": {
        "@codemirror/language": "^6.0.0",
@@ -31,9 +31,9 @@
      }
    },
    "node_modules/@codemirror/commands": {
-      "version": "6.8.1",
-      "resolved": "https://registry.npmjs.org/@codemirror/commands/-/commands-6.8.1.tgz",
-      "integrity": "sha512-KlGVYufHMQzxbdQONiLyGQDUW0itrLZwq3CcY7xpv9ZLRHqzkBSoteocBHtMCoY7/Ci4xhzSrToIeLg7FxHuaw==",
+      "version": "6.10.0",
+      "resolved": "https://registry.npmjs.org/@codemirror/commands/-/commands-6.10.0.tgz",
+      "integrity": "sha512-2xUIc5mHXQzT16JnyOFkh8PvfeXuIut3pslWGfsGOhxP/lpgRm9HOl/mpzLErgt5mXDovqA0d11P21gofRLb9w==",
      "license": "MIT",
      "dependencies": {
        "@codemirror/language": "^6.0.0",
@@ -56,9 +56,9 @@
      }
    },
    "node_modules/@codemirror/lang-html": {
-      "version": "6.4.9",
-      "resolved": "https://registry.npmjs.org/@codemirror/lang-html/-/lang-html-6.4.9.tgz",
-      "integrity": "sha512-aQv37pIMSlueybId/2PVSP6NPnmurFDVmZwzc7jszd2KAF8qd4VBbvNYPXWQq90WIARjsdVkPbw29pszmHws3Q==",
+      "version": "6.4.11",
+      "resolved": "https://registry.npmjs.org/@codemirror/lang-html/-/lang-html-6.4.11.tgz",
+      "integrity": "sha512-9NsXp7Nwp891pQchI7gPdTwBuSuT3K65NGTHWHNJ55HjYcHLllr0rbIZNdOzas9ztc1EUVBlHou85FFZS4BNnw==",
      "license": "MIT",
      "dependencies": {
        "@codemirror/autocomplete": "^6.0.0",
@@ -69,7 +69,7 @@
        "@codemirror/view": "^6.17.0",
        "@lezer/common": "^1.0.0",
        "@lezer/css": "^1.1.0",
-        "@lezer/html": "^1.3.0"
+        "@lezer/html": "^1.3.12"
      }
    },
    "node_modules/@codemirror/lang-javascript": {
@@ -112,9 +112,9 @@
      }
    },
    "node_modules/@codemirror/lint": {
-      "version": "6.8.5",
-      "resolved": "https://registry.npmjs.org/@codemirror/lint/-/lint-6.8.5.tgz",
-      "integrity": "sha512-s3n3KisH7dx3vsoeGMxsbRAgKe4O1vbrnKBClm99PU0fWxmxsx5rR2PfqQgIt+2MMJBHbiJ5rfIdLYfB9NNvsA==",
+      "version": "6.9.2",
+      "resolved": "https://registry.npmjs.org/@codemirror/lint/-/lint-6.9.2.tgz",
+      "integrity": "sha512-sv3DylBiIyi+xKwRCJAAsBZZZWo82shJ/RTMymLabAdtbkV5cSKwWDeCgtUq3v8flTaXS2y1kKkICuRYtUswyQ==",
      "license": "MIT",
      "dependencies": {
        "@codemirror/state": "^6.0.0",
@@ -155,9 +155,9 @@
      }
    },
    "node_modules/@codemirror/view": {
-      "version": "6.38.1",
-      "resolved": "https://registry.npmjs.org/@codemirror/view/-/view-6.38.1.tgz",
-      "integrity": "sha512-RmTOkE7hRU3OVREqFVITWHz6ocgBjv08GoePscAakgVQfciA3SGCEk7mb9IzwW61cKKmlTpHXG6DUE5Ubx+MGQ==",
+      "version": "6.38.8",
+      "resolved": "https://registry.npmjs.org/@codemirror/view/-/view-6.38.8.tgz",
+      "integrity": "sha512-XcE9fcnkHCbWkjeKyi0lllwXmBLtyYb5dt89dJyx23I9+LSh5vZDIuk7OLG4VM1lgrXZQcY6cxyZyk5WVPRv/A==",
      "license": "MIT",
      "dependencies": {
        "@codemirror/state": "^6.5.0",
@@ -206,9 +206,9 @@
      "license": "MIT"
    },
    "node_modules/@jridgewell/trace-mapping": {
-      "version": "0.3.30",
-      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.30.tgz",
-      "integrity": "sha512-GQ7Nw5G2lTu/BtHTKfXhKHok2WGetd4XYcVKGx00SjAk8GMwgJM3zr6zORiPGuOE+/vkc90KtTosSSvaCjKb2Q==",
+      "version": "0.3.31",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz",
+      "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
@@ -217,9 +217,9 @@
      }
    },
    "node_modules/@lezer/common": {
-      "version": "1.2.3",
-      "resolved": "https://registry.npmjs.org/@lezer/common/-/common-1.2.3.tgz",
-      "integrity": "sha512-w7ojc8ejBqr2REPsWxJjrMFsA/ysDCFICn8zEOR9mrqzOu2amhITYuLD8ag6XZf0CFXDrhKqw7+tW8cX66NaDA==",
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/@lezer/common/-/common-1.3.0.tgz",
+      "integrity": "sha512-L9X8uHCYU310o99L3/MpJKYxPzXPOS7S0NmBaM7UO/x2Kb2WbmMLSkfvdr1KxRIFYOpbY0Jhn7CfLSUDzL8arQ==",
      "license": "MIT"
    },
    "node_modules/@lezer/css": {
@@ -234,18 +234,18 @@
      }
    },
    "node_modules/@lezer/highlight": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/@lezer/highlight/-/highlight-1.2.1.tgz",
-      "integrity": "sha512-Z5duk4RN/3zuVO7Jq0pGLJ3qynpxUVsh7IbUbGj88+uV2ApSAn6kWg2au3iJb+0Zi7kKtqffIESgNcRXWZWmSA==",
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/@lezer/highlight/-/highlight-1.2.3.tgz",
+      "integrity": "sha512-qXdH7UqTvGfdVBINrgKhDsVTJTxactNNxLk7+UMwZhU13lMHaOBlJe9Vqp907ya56Y3+ed2tlqzys7jDkTmW0g==",
      "license": "MIT",
      "dependencies": {
-        "@lezer/common": "^1.0.0"
+        "@lezer/common": "^1.3.0"
      }
    },
    "node_modules/@lezer/html": {
-      "version": "1.3.10",
-      "resolved": "https://registry.npmjs.org/@lezer/html/-/html-1.3.10.tgz",
-      "integrity": "sha512-dqpT8nISx/p9Do3AchvYGV3qYc4/rKr3IBZxlHmpIKam56P47RSHkSF5f13Vu9hebS1jM0HmtJIwLbWz1VIY6w==",
+      "version": "1.3.12",
+      "resolved": "https://registry.npmjs.org/@lezer/html/-/html-1.3.12.tgz",
+      "integrity": "sha512-RJ7eRWdaJe3bsiiLLHjCFT1JMk8m1YP9kaUbvu2rMLEoOnke9mcTVDyfOslsln0LtujdWespjJ39w6zo+RsQYw==",
      "license": "MIT",
      "dependencies": {
        "@lezer/common": "^1.2.0",
@@ -254,9 +254,9 @@
      }
    },
    "node_modules/@lezer/javascript": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/@lezer/javascript/-/javascript-1.5.1.tgz",
-      "integrity": "sha512-ATOImjeVJuvgm3JQ/bpo2Tmv55HSScE2MTPnKRMRIPx2cLhHGyX2VnqpHhtIV1tVzIjZDbcWQm+NCTF40ggZVw==",
+      "version": "1.5.4",
+      "resolved": "https://registry.npmjs.org/@lezer/javascript/-/javascript-1.5.4.tgz",
+      "integrity": "sha512-vvYx3MhWqeZtGPwDStM2dwgljd5smolYD2lR2UyFcHfxbBQebqx8yjmFmxtJ/E6nN6u1D9srOiVWm3Rb4tmcUA==",
      "license": "MIT",
      "dependencies": {
        "@lezer/common": "^1.2.0",
@@ -276,9 +276,9 @@
      }
    },
    "node_modules/@lezer/lr": {
-      "version": "1.4.2",
-      "resolved": "https://registry.npmjs.org/@lezer/lr/-/lr-1.4.2.tgz",
-      "integrity": "sha512-pu0K1jCIdnQ12aWNaAVU5bzi7Bd1w54J3ECgANPmYLtQKP0HBj2cE/5coBD66MT10xbtIuUr7tg0Shbsvk0mDA==",
+      "version": "1.4.3",
+      "resolved": "https://registry.npmjs.org/@lezer/lr/-/lr-1.4.3.tgz",
+      "integrity": "sha512-yenN5SqAxAPv/qMnpWW0AT7l+SxVrgG+u0tNsRQWqbrz66HIl8DnEbBObvy21J5K7+I1v7gsAnlE2VQ5yYVSeA==",
      "license": "MIT",
      "dependencies": {
        "@lezer/common": "^1.0.0"
@@ -338,9 +338,9 @@
      }
    },
    "node_modules/@rollup/pluginutils": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/@rollup/pluginutils/-/pluginutils-5.2.0.tgz",
-      "integrity": "sha512-qWJ2ZTbmumwiLFomfzTyt5Kng4hwPi9rwCYN4SHb6eaRU1KNO4ccxINHr/VhH4GgPlt1XfSTLX2LBTme8ne4Zw==",
+      "version": "5.3.0",
+      "resolved": "https://registry.npmjs.org/@rollup/pluginutils/-/pluginutils-5.3.0.tgz",
+      "integrity": "sha512-5EdhGZtnu3V88ces7s53hhfK5KSASnJZv8Lulpc04cWO3REESroJXg73DFsOmgbU2BhwV0E20bu2IDZb3VKW4Q==",
      "license": "MIT",
      "dependencies": {
        "@types/estree": "^1.0.0",
@@ -360,9 +360,9 @@
      }
    },
    "node_modules/@rollup/rollup-android-arm-eabi": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.46.4.tgz",
-      "integrity": "sha512-B2wfzCJ+ps/OBzRjeds7DlJumCU3rXMxJJS1vzURyj7+KBHGONm7c9q1TfdBl4vCuNMkDvARn3PBl2wZzuR5mw==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.53.3.tgz",
+      "integrity": "sha512-mRSi+4cBjrRLoaal2PnqH82Wqyb+d3HsPUN/W+WslCXsZsyHa9ZeQQX/pQsZaVIWDkPcpV6jJ+3KLbTbgnwv8w==",
      "cpu": [
        "arm"
      ],
@@ -373,9 +373,9 @@
      ]
    },
    "node_modules/@rollup/rollup-android-arm64": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.46.4.tgz",
-      "integrity": "sha512-FGJYXvYdn8Bs6lAlBZYT5n+4x0ciEp4cmttsvKAZc/c8/JiPaQK8u0c/86vKX8lA7OY/+37lIQSe0YoAImvBAA==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.53.3.tgz",
+      "integrity": "sha512-CbDGaMpdE9sh7sCmTrTUyllhrg65t6SwhjlMJsLr+J8YjFuPmCEjbBSx4Z/e4SmDyH3aB5hGaJUP2ltV/vcs4w==",
      "cpu": [
        "arm64"
      ],
@@ -386,9 +386,9 @@
      ]
    },
    "node_modules/@rollup/rollup-darwin-arm64": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.46.4.tgz",
-      "integrity": "sha512-/9qwE/BM7ATw/W/OFEMTm3dmywbJyLQb4f4v5nmOjgYxPIGpw7HaxRi6LnD4Pjn/q7k55FGeHe1/OD02w63apA==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.53.3.tgz",
+      "integrity": "sha512-Nr7SlQeqIBpOV6BHHGZgYBuSdanCXuw09hon14MGOLGmXAFYjx1wNvquVPmpZnl0tLjg25dEdr4IQ6GgyToCUA==",
      "cpu": [
        "arm64"
      ],
@@ -399,9 +399,9 @@
      ]
    },
    "node_modules/@rollup/rollup-darwin-x64": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.46.4.tgz",
-      "integrity": "sha512-QkWfNbeRuzFnv2d0aPlrzcA3Ebq2mE8kX/5Pl7VdRShbPBjSnom7dbT8E3Jmhxo2RL784hyqGvR5KHavCJQciw==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.53.3.tgz",
+      "integrity": "sha512-DZ8N4CSNfl965CmPktJ8oBnfYr3F8dTTNBQkRlffnUarJ2ohudQD17sZBa097J8xhQ26AwhHJ5mvUyQW8ddTsQ==",
      "cpu": [
        "x64"
      ],
@@ -412,9 +412,9 @@
      ]
    },
    "node_modules/@rollup/rollup-freebsd-arm64": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.46.4.tgz",
-      "integrity": "sha512-+ToyOMYnSfV8D+ckxO6NthPln/PDNp1P6INcNypfZ7muLmEvPKXqduUiD8DlJpMMT8LxHcE5W0dK9kXfJke9Zw==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.53.3.tgz",
+      "integrity": "sha512-yMTrCrK92aGyi7GuDNtGn2sNW+Gdb4vErx4t3Gv/Tr+1zRb8ax4z8GWVRfr3Jw8zJWvpGHNpss3vVlbF58DZ4w==",
      "cpu": [
        "arm64"
      ],
@@ -425,9 +425,9 @@
      ]
    },
    "node_modules/@rollup/rollup-freebsd-x64": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.46.4.tgz",
-      "integrity": "sha512-cGT6ey/W+sje6zywbLiqmkfkO210FgRz7tepWAzzEVgQU8Hn91JJmQWNqs55IuglG8sJdzk7XfNgmGRtcYlo1w==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.53.3.tgz",
+      "integrity": "sha512-lMfF8X7QhdQzseM6XaX0vbno2m3hlyZFhwcndRMw8fbAGUGL3WFMBdK0hbUBIUYcEcMhVLr1SIamDeuLBnXS+Q==",
      "cpu": [
        "x64"
      ],
@@ -438,9 +438,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.46.4.tgz",
-      "integrity": "sha512-9fhTJyOb275w5RofPSl8lpr4jFowd+H4oQKJ9XTYzD1JWgxdZKE8bA6d4npuiMemkecQOcigX01FNZNCYnQBdA==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.53.3.tgz",
+      "integrity": "sha512-k9oD15soC/Ln6d2Wv/JOFPzZXIAIFLp6B+i14KhxAfnq76ajt0EhYc5YPeX6W1xJkAdItcVT+JhKl1QZh44/qw==",
      "cpu": [
        "arm"
      ],
@@ -451,9 +451,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-arm-musleabihf": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.46.4.tgz",
-      "integrity": "sha512-+6kCIM5Zjvz2HwPl/udgVs07tPMIp1VU2Y0c72ezjOvSvEfAIWsUgpcSDvnC7g9NrjYR6X9bZT92mZZ90TfvXw==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.53.3.tgz",
+      "integrity": "sha512-vTNlKq+N6CK/8UktsrFuc+/7NlEYVxgaEgRXVUVK258Z5ymho29skzW1sutgYjqNnquGwVUObAaxae8rZ6YMhg==",
      "cpu": [
        "arm"
      ],
@@ -464,9 +464,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-arm64-gnu": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.46.4.tgz",
-      "integrity": "sha512-SWuXdnsayCZL4lXoo6jn0yyAj7TTjWE4NwDVt9s7cmu6poMhtiras5c8h6Ih6Y0Zk6Z+8t/mLumvpdSPTWub2Q==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.53.3.tgz",
+      "integrity": "sha512-RGrFLWgMhSxRs/EWJMIFM1O5Mzuz3Xy3/mnxJp/5cVhZ2XoCAxJnmNsEyeMJtpK+wu0FJFWz+QF4mjCA7AUQ3w==",
      "cpu": [
        "arm64"
      ],
@@ -477,9 +477,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-arm64-musl": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.46.4.tgz",
-      "integrity": "sha512-vDknMDqtMhrrroa5kyX6tuC0aRZZlQ+ipDfbXd2YGz5HeV2t8HOl/FDAd2ynhs7Ki5VooWiiZcCtxiZ4IjqZwQ==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.53.3.tgz",
+      "integrity": "sha512-kASyvfBEWYPEwe0Qv4nfu6pNkITLTb32p4yTgzFCocHnJLAHs+9LjUu9ONIhvfT/5lv4YS5muBHyuV84epBo/A==",
      "cpu": [
        "arm64"
      ],
@@ -489,10 +489,10 @@
        "linux"
      ]
    },
-    "node_modules/@rollup/rollup-linux-loongarch64-gnu": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loongarch64-gnu/-/rollup-linux-loongarch64-gnu-4.46.4.tgz",
-      "integrity": "sha512-mCBkjRZWhvjtl/x+Bd4fQkWZT8canStKDxGrHlBiTnZmJnWygGcvBylzLVCZXka4dco5ymkWhZlLwKCGFF4ivw==",
+    "node_modules/@rollup/rollup-linux-loong64-gnu": {
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.53.3.tgz",
+      "integrity": "sha512-JiuKcp2teLJwQ7vkJ95EwESWkNRFJD7TQgYmCnrPtlu50b4XvT5MOmurWNrCj3IFdyjBQ5p9vnrX4JM6I8OE7g==",
      "cpu": [
        "loong64"
      ],
@@ -503,9 +503,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-ppc64-gnu": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.46.4.tgz",
-      "integrity": "sha512-YMdz2phOTFF+Z66dQfGf0gmeDSi5DJzY5bpZyeg9CPBkV9QDzJ1yFRlmi/j7WWRf3hYIWrOaJj5jsfwgc8GTHQ==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.53.3.tgz",
+      "integrity": "sha512-EoGSa8nd6d3T7zLuqdojxC20oBfNT8nexBbB/rkxgKj5T5vhpAQKKnD+h3UkoMuTyXkP5jTjK/ccNRmQrPNDuw==",
      "cpu": [
        "ppc64"
      ],
@@ -516,9 +516,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-riscv64-gnu": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.46.4.tgz",
-      "integrity": "sha512-r0WKLSfFAK8ucG024v2yiLSJMedoWvk8yWqfNICX28NHDGeu3F/wBf8KG6mclghx4FsLePxJr/9N8rIj1PtCnw==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.53.3.tgz",
+      "integrity": "sha512-4s+Wped2IHXHPnAEbIB0YWBv7SDohqxobiiPA1FIWZpX+w9o2i4LezzH/NkFUl8LRci/8udci6cLq+jJQlh+0g==",
      "cpu": [
        "riscv64"
      ],
@@ -529,9 +529,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-riscv64-musl": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.46.4.tgz",
-      "integrity": "sha512-IaizpPP2UQU3MNyPH1u0Xxbm73D+4OupL0bjo4Hm0496e2wg3zuvoAIhubkD1NGy9fXILEExPQy87mweujEatA==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.53.3.tgz",
+      "integrity": "sha512-68k2g7+0vs2u9CxDt5ktXTngsxOQkSEV/xBbwlqYcUrAVh6P9EgMZvFsnHy4SEiUl46Xf0IObWVbMvPrr2gw8A==",
      "cpu": [
        "riscv64"
      ],
@@ -542,9 +542,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-s390x-gnu": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.46.4.tgz",
-      "integrity": "sha512-aCM29orANR0a8wk896p6UEgIfupReupnmISz6SUwMIwTGaTI8MuKdE0OD2LvEg8ondDyZdMvnaN3bW4nFbATPA==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.53.3.tgz",
+      "integrity": "sha512-VYsFMpULAz87ZW6BVYw3I6sWesGpsP9OPcyKe8ofdg9LHxSbRMd7zrVrr5xi/3kMZtpWL/wC+UIJWJYVX5uTKg==",
      "cpu": [
        "s390x"
      ],
@@ -555,9 +555,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-x64-gnu": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.46.4.tgz",
-      "integrity": "sha512-0Xj1vZE3cbr/wda8d/m+UeuSL+TDpuozzdD4QaSzu/xSOMK0Su5RhIkF7KVHFQsobemUNHPLEcYllL7ZTCP/Cg==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.53.3.tgz",
+      "integrity": "sha512-3EhFi1FU6YL8HTUJZ51imGJWEX//ajQPfqWLI3BQq4TlvHy4X0MOr5q3D2Zof/ka0d5FNdPwZXm3Yyib/UEd+w==",
      "cpu": [
        "x64"
      ],
@@ -568,9 +568,9 @@
      ]
    },
    "node_modules/@rollup/rollup-linux-x64-musl": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.46.4.tgz",
-      "integrity": "sha512-kM/orjpolfA5yxsx84kI6bnK47AAZuWxglGKcNmokw2yy9i5eHY5UAjcX45jemTJnfHAWo3/hOoRqEeeTdL5hw==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.53.3.tgz",
+      "integrity": "sha512-eoROhjcc6HbZCJr+tvVT8X4fW3/5g/WkGvvmwz/88sDtSJzO7r/blvoBDgISDiCjDRZmHpwud7h+6Q9JxFwq1Q==",
      "cpu": [
        "x64"
      ],
@@ -580,10 +580,23 @@
        "linux"
      ]
    },
+    "node_modules/@rollup/rollup-openharmony-arm64": {
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.53.3.tgz",
+      "integrity": "sha512-OueLAWgrNSPGAdUdIjSWXw+u/02BRTcnfw9PN41D2vq/JSEPnJnVuBgw18VkN8wcd4fjUs+jFHVM4t9+kBSNLw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ]
+    },
    "node_modules/@rollup/rollup-win32-arm64-msvc": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.46.4.tgz",
-      "integrity": "sha512-cNLH4psMEsWKILW0isbpQA2OvjXLbKvnkcJFmqAptPQbtLrobiapBJVj6RoIvg6UXVp5w0wnIfd/Q56cNpF+Ew==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.53.3.tgz",
+      "integrity": "sha512-GOFuKpsxR/whszbF/bzydebLiXIHSgsEUp6M0JI8dWvi+fFa1TD6YQa4aSZHtpmh2/uAlj/Dy+nmby3TJ3pkTw==",
      "cpu": [
        "arm64"
      ],
@@ -594,9 +607,9 @@
      ]
    },
    "node_modules/@rollup/rollup-win32-ia32-msvc": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.46.4.tgz",
-      "integrity": "sha512-OiEa5lRhiANpv4SfwYVgQ3opYWi/QmPDC5ve21m8G9pf6ZO+aX1g2EEF1/IFaM1xPSP7mK0msTRXlPs6mIagkg==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.53.3.tgz",
+      "integrity": "sha512-iah+THLcBJdpfZ1TstDFbKNznlzoxa8fmnFYK4V67HvmuNYkVdAywJSoteUszvBQ9/HqN2+9AZghbajMsFT+oA==",
      "cpu": [
        "ia32"
      ],
@@ -606,10 +619,23 @@
        "win32"
      ]
    },
+    "node_modules/@rollup/rollup-win32-x64-gnu": {
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.53.3.tgz",
+      "integrity": "sha512-J9QDiOIZlZLdcot5NXEepDkstocktoVjkaKUtqzgzpt2yWjGlbYiKyp05rWwk4nypbYUNoFAztEgixoLaSETkg==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
    "node_modules/@rollup/rollup-win32-x64-msvc": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.46.4.tgz",
-      "integrity": "sha512-IKL9mewGZ5UuuX4NQlwOmxPyqielvkAPUS2s1cl6yWjjQvyN3h5JTdVFGD5Jr5xMjRC8setOfGQDVgX8V+dkjg==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.53.3.tgz",
+      "integrity": "sha512-UhTd8u31dXadv0MopwGgNOBpUVROFKWVQgAg5N1ESyCz8AuBcMqm4AuTjrwgQKGDfoFuz02EuMRHQIw/frmYKQ==",
      "cpu": [
        "x64"
      ],
@@ -779,12 +805,12 @@
      }
    },
    "node_modules/resolve": {
-      "version": "1.22.10",
-      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.10.tgz",
-      "integrity": "sha512-NPRy+/ncIMeDlTAsuqwKIiferiawhefFJtkNSW0qZJEqMEb+qBt/77B/jGeeek+F0uOeN05CDa6HXbbIgtVX4w==",
+      "version": "1.22.11",
+      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.11.tgz",
+      "integrity": "sha512-RfqAvLnMl313r7c9oclB1HhUEAezcpLjz95wFH4LVuhk9JF/r22qmVP9AMmOU4vMX7Q8pN8jwNg/CSpdFnMjTQ==",
      "license": "MIT",
      "dependencies": {
-        "is-core-module": "^2.16.0",
+        "is-core-module": "^2.16.1",
        "path-parse": "^1.0.7",
        "supports-preserve-symlinks-flag": "^1.0.0"
      },
@@ -799,9 +825,9 @@
      }
    },
    "node_modules/rollup": {
-      "version": "4.46.4",
-      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.46.4.tgz",
-      "integrity": "sha512-YbxoxvoqNg9zAmw4+vzh1FkGAiZRK+LhnSrbSrSXMdZYsRPDWoshcSd/pldKRO6lWzv/e9TiJAVQyirYIeSIPQ==",
+      "version": "4.53.3",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.53.3.tgz",
+      "integrity": "sha512-w8GmOxZfBmKknvdXU1sdM9NHcoQejwF/4mNgj2JuEEdRaHwwF12K7e9eXn1nLZ07ad+du76mkVsyeb2rKGllsA==",
      "license": "MIT",
      "dependencies": {
        "@types/estree": "1.0.8"
@@ -814,26 +840,28 @@
        "npm": ">=8.0.0"
      },
      "optionalDependencies": {
-        "@rollup/rollup-android-arm-eabi": "4.46.4",
-        "@rollup/rollup-android-arm64": "4.46.4",
-        "@rollup/rollup-darwin-arm64": "4.46.4",
-        "@rollup/rollup-darwin-x64": "4.46.4",
-        "@rollup/rollup-freebsd-arm64": "4.46.4",
-        "@rollup/rollup-freebsd-x64": "4.46.4",
-        "@rollup/rollup-linux-arm-gnueabihf": "4.46.4",
-        "@rollup/rollup-linux-arm-musleabihf": "4.46.4",
-        "@rollup/rollup-linux-arm64-gnu": "4.46.4",
-        "@rollup/rollup-linux-arm64-musl": "4.46.4",
-        "@rollup/rollup-linux-loongarch64-gnu": "4.46.4",
-        "@rollup/rollup-linux-ppc64-gnu": "4.46.4",
-        "@rollup/rollup-linux-riscv64-gnu": "4.46.4",
-        "@rollup/rollup-linux-riscv64-musl": "4.46.4",
-        "@rollup/rollup-linux-s390x-gnu": "4.46.4",
-        "@rollup/rollup-linux-x64-gnu": "4.46.4",
-        "@rollup/rollup-linux-x64-musl": "4.46.4",
-        "@rollup/rollup-win32-arm64-msvc": "4.46.4",
-        "@rollup/rollup-win32-ia32-msvc": "4.46.4",
-        "@rollup/rollup-win32-x64-msvc": "4.46.4",
+        "@rollup/rollup-android-arm-eabi": "4.53.3",
+        "@rollup/rollup-android-arm64": "4.53.3",
+        "@rollup/rollup-darwin-arm64": "4.53.3",
+        "@rollup/rollup-darwin-x64": "4.53.3",
+        "@rollup/rollup-freebsd-arm64": "4.53.3",
+        "@rollup/rollup-freebsd-x64": "4.53.3",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.53.3",
+        "@rollup/rollup-linux-arm-musleabihf": "4.53.3",
+        "@rollup/rollup-linux-arm64-gnu": "4.53.3",
+        "@rollup/rollup-linux-arm64-musl": "4.53.3",
+        "@rollup/rollup-linux-loong64-gnu": "4.53.3",
+        "@rollup/rollup-linux-ppc64-gnu": "4.53.3",
+        "@rollup/rollup-linux-riscv64-gnu": "4.53.3",
+        "@rollup/rollup-linux-riscv64-musl": "4.53.3",
+        "@rollup/rollup-linux-s390x-gnu": "4.53.3",
+        "@rollup/rollup-linux-x64-gnu": "4.53.3",
+        "@rollup/rollup-linux-x64-musl": "4.53.3",
+        "@rollup/rollup-openharmony-arm64": "4.53.3",
+        "@rollup/rollup-win32-arm64-msvc": "4.53.3",
+        "@rollup/rollup-win32-ia32-msvc": "4.53.3",
+        "@rollup/rollup-win32-x64-gnu": "4.53.3",
+        "@rollup/rollup-win32-x64-msvc": "4.53.3",
        "fsevents": "~2.3.2"
      }
    },
@@ -897,9 +925,9 @@
      }
    },
    "node_modules/style-mod": {
-      "version": "4.1.2",
-      "resolved": "https://registry.npmjs.org/style-mod/-/style-mod-4.1.2.tgz",
-      "integrity": "sha512-wnD1HyVqpJUI2+eKZ+eo1UwghftP6yuFheBqqe+bWCotBjC2K1YnteJILRMs3SM4V/0dLEW1SC27MWP5y+mwmw==",
+      "version": "4.1.3",
+      "resolved": "https://registry.npmjs.org/style-mod/-/style-mod-4.1.3.tgz",
+      "integrity": "sha512-i/n8VsZydrugj3Iuzll8+x/00GH2vnYsk1eomD8QiRrSAeW6ItbCQDtfXCeJHd0iwiNagqjQkvpvREEPtW3IoQ==",
      "license": "MIT"
    },
    "node_modules/supports-preserve-symlinks-flag": {
@@ -915,14 +943,14 @@
      }
    },
    "node_modules/terser": {
-      "version": "5.43.1",
-      "resolved": "https://registry.npmjs.org/terser/-/terser-5.43.1.tgz",
-      "integrity": "sha512-+6erLbBm0+LROX2sPXlUYx/ux5PyE9K/a92Wrt6oA+WDAoFTdpHE5tCYCI5PNzq2y8df4rA+QgHLJuR4jNymsg==",
+      "version": "5.44.1",
+      "resolved": "https://registry.npmjs.org/terser/-/terser-5.44.1.tgz",
+      "integrity": "sha512-t/R3R/n0MSwnnazuPpPNVO60LX0SKL45pyl9YlvxIdkH0Of7D5qM2EVe+yASRIlY5pZ73nclYJfNANGWPwFDZw==",
      "dev": true,
      "license": "BSD-2-Clause",
      "dependencies": {
        "@jridgewell/source-map": "^0.3.3",
-        "acorn": "^8.14.0",
+        "acorn": "^8.15.0",
        "commander": "^2.20.0",
        "source-map-support": "~0.5.20"
      },
--- a/deps/libbacktrace
+++ b/deps/libbacktrace
--- a/deps/openssl_src
+++ b/deps/openssl_src
--- a/deps/quickjs
+++ b/deps/quickjs
--- a/deps/speedscope/release.txt
+++ b/deps/speedscope/release.txt
@@ -1,3 +0,0 @@
-speedscope@1.23.1
-Mon Aug 11 11:43:09 PDT 2025
-0cec0f82c334aed6cf19d43cabeadcda0d95e0fc
--- a/deps/sqlite/shell.c
+++ b/deps/sqlite/shell.c
--- a/deps/sqlite/sqlite3.c
+++ b/deps/sqlite/sqlite3.c
--- a/deps/sqlite/sqlite3.h
+++ b/deps/sqlite/sqlite3.h
@@ -146,9 +146,12 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.50.4"
-#define SQLITE_VERSION_NUMBER 3050004
-#define SQLITE_SOURCE_ID      "2025-07-30 19:33:53 4d8adfb30e03f9cf27f800a2c1ba3c48fb4ca1b08b0f5ed59a4d5ecbf45e20a3"
+#define SQLITE_VERSION        "3.51.0"
+#define SQLITE_VERSION_NUMBER 3051000
+#define SQLITE_SOURCE_ID      "2025-11-04 19:38:17 fb2c931ae597f8d00a37574ff67aeed3eced4e5547f9120744ae4bfa8e74527b"
+#define SQLITE_SCM_BRANCH     "trunk"
+#define SQLITE_SCM_TAGS       "release major-release version-3.51.0"
+#define SQLITE_SCM_DATETIME   "2025-11-04T19:38:17.314Z"

 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -168,9 +171,9 @@ extern "C" {
 ** assert( strcmp(sqlite3_libversion(),SQLITE_VERSION)==0 );
 ** </pre></blockquote>)^
 **
-** ^The sqlite3_version[] string constant contains the text of [SQLITE_VERSION]
-** macro.  ^The sqlite3_libversion() function returns a pointer to the
-** to the sqlite3_version[] string constant.  The sqlite3_libversion()
+** ^The sqlite3_version[] string constant contains the text of the
+** [SQLITE_VERSION] macro.  ^The sqlite3_libversion() function returns a
+** pointer to the sqlite3_version[] string constant.  The sqlite3_libversion()
 ** function is provided for use in DLLs since DLL users usually do not have
 ** direct access to string constants within the DLL.  ^The
 ** sqlite3_libversion_number() function returns an integer equal to
@@ -370,7 +373,7 @@ typedef int (*sqlite3_callback)(void*,int,char**, char**);
 ** without having to use a lot of C code.
 **
 ** ^The sqlite3_exec() interface runs zero or more UTF-8 encoded,
-** semicolon-separate SQL statements passed into its 2nd argument,
+** semicolon-separated SQL statements passed into its 2nd argument,
 ** in the context of the [database connection] passed in as its 1st
 ** argument.  ^If the callback function of the 3rd argument to
 ** sqlite3_exec() is not NULL, then it is invoked for each result row
@@ -403,7 +406,7 @@ typedef int (*sqlite3_callback)(void*,int,char**, char**);
 ** result row is NULL then the corresponding string pointer for the
 ** sqlite3_exec() callback is a NULL pointer.  ^The 4th argument to the
 ** sqlite3_exec() callback is an array of pointers to strings where each
-** entry represents the name of corresponding result column as obtained
+** entry represents the name of a corresponding result column as obtained
 ** from [sqlite3_column_name()].
 **
 ** ^If the 2nd parameter to sqlite3_exec() is a NULL pointer, a pointer
@@ -497,6 +500,9 @@ SQLITE_API int sqlite3_exec(
 #define SQLITE_ERROR_MISSING_COLLSEQ   (SQLITE_ERROR | (1<<8))
 #define SQLITE_ERROR_RETRY             (SQLITE_ERROR | (2<<8))
 #define SQLITE_ERROR_SNAPSHOT          (SQLITE_ERROR | (3<<8))
+#define SQLITE_ERROR_RESERVESIZE       (SQLITE_ERROR | (4<<8))
+#define SQLITE_ERROR_KEY               (SQLITE_ERROR | (5<<8))
+#define SQLITE_ERROR_UNABLE            (SQLITE_ERROR | (6<<8))
 #define SQLITE_IOERR_READ              (SQLITE_IOERR | (1<<8))
 #define SQLITE_IOERR_SHORT_READ        (SQLITE_IOERR | (2<<8))
 #define SQLITE_IOERR_WRITE             (SQLITE_IOERR | (3<<8))
@@ -531,6 +537,8 @@ SQLITE_API int sqlite3_exec(
 #define SQLITE_IOERR_DATA              (SQLITE_IOERR | (32<<8))
 #define SQLITE_IOERR_CORRUPTFS         (SQLITE_IOERR | (33<<8))
 #define SQLITE_IOERR_IN_PAGE           (SQLITE_IOERR | (34<<8))
+#define SQLITE_IOERR_BADKEY            (SQLITE_IOERR | (35<<8))
+#define SQLITE_IOERR_CODEC             (SQLITE_IOERR | (36<<8))
 #define SQLITE_LOCKED_SHAREDCACHE      (SQLITE_LOCKED |  (1<<8))
 #define SQLITE_LOCKED_VTAB             (SQLITE_LOCKED |  (2<<8))
 #define SQLITE_BUSY_RECOVERY           (SQLITE_BUSY   |  (1<<8))
@@ -589,7 +597,7 @@ SQLITE_API int sqlite3_exec(
 ** Note in particular that passing the SQLITE_OPEN_EXCLUSIVE flag into
 ** [sqlite3_open_v2()] does *not* cause the underlying database file
 ** to be opened using O_EXCL.  Passing SQLITE_OPEN_EXCLUSIVE into
-** [sqlite3_open_v2()] has historically be a no-op and might become an
+** [sqlite3_open_v2()] has historically been a no-op and might become an
 ** error in future versions of SQLite.
 */
 #define SQLITE_OPEN_READONLY         0x00000001  /* Ok for sqlite3_open_v2() */
@@ -683,7 +691,7 @@ SQLITE_API int sqlite3_exec(
 ** SQLite uses one of these integer values as the second
 ** argument to calls it makes to the xLock() and xUnlock() methods
 ** of an [sqlite3_io_methods] object.  These values are ordered from
-** lest restrictive to most restrictive.
+** least restrictive to most restrictive.
 **
 ** The argument to xLock() is always SHARED or higher.  The argument to
 ** xUnlock is either SHARED or NONE.
@@ -924,7 +932,7 @@ struct sqlite3_io_methods {
 ** connection.  See also [SQLITE_FCNTL_FILE_POINTER].
 **
 ** <li>[[SQLITE_FCNTL_SYNC_OMITTED]]
-** No longer in use.
+** The SQLITE_FCNTL_SYNC_OMITTED file-control is no longer used.
 **
 ** <li>[[SQLITE_FCNTL_SYNC]]
 ** The [SQLITE_FCNTL_SYNC] opcode is generated internally by SQLite and
@@ -999,7 +1007,7 @@ struct sqlite3_io_methods {
 **
 ** <li>[[SQLITE_FCNTL_VFSNAME]]
 ** ^The [SQLITE_FCNTL_VFSNAME] opcode can be used to obtain the names of
-** all [VFSes] in the VFS stack.  The names are of all VFS shims and the
+** all [VFSes] in the VFS stack.  The names of all VFS shims and the
 ** final bottom-level VFS are written into memory obtained from
 ** [sqlite3_malloc()] and the result is stored in the char* variable
 ** that the fourth parameter of [sqlite3_file_control()] points to.
@@ -1013,7 +1021,7 @@ struct sqlite3_io_methods {
 ** ^The [SQLITE_FCNTL_VFS_POINTER] opcode finds a pointer to the top-level
 ** [VFSes] currently in use.  ^(The argument X in
 ** sqlite3_file_control(db,SQLITE_FCNTL_VFS_POINTER,X) must be
-** of type "[sqlite3_vfs] **".  This opcodes will set *X
+** of type "[sqlite3_vfs] **".  This opcode will set *X
 ** to a pointer to the top-level VFS.)^
 ** ^When there are multiple VFS shims in the stack, this opcode finds the
 ** upper-most shim only.
@@ -1203,7 +1211,7 @@ struct sqlite3_io_methods {
 ** <li>[[SQLITE_FCNTL_EXTERNAL_READER]]
 ** The EXPERIMENTAL [SQLITE_FCNTL_EXTERNAL_READER] opcode is used to detect
 ** whether or not there is a database client in another process with a wal-mode
-** transaction open on the database or not. It is only available on unix.The
+** transaction open on the database or not. It is only available on unix. The
 ** (void*) argument passed with this file-control should be a pointer to a
 ** value of type (int). The integer value is set to 1 if the database is a wal
 ** mode database and there exists at least one client in another process that
@@ -1221,6 +1229,15 @@ struct sqlite3_io_methods {
 ** database is not a temp db, then the [SQLITE_FCNTL_RESET_CACHE] file-control
 ** purges the contents of the in-memory page cache. If there is an open
 ** transaction, or if the db is a temp-db, this opcode is a no-op, not an error.
+**
+** <li>[[SQLITE_FCNTL_FILESTAT]]
+** The [SQLITE_FCNTL_FILESTAT] opcode returns low-level diagnostic information
+** about the [sqlite3_file] objects used access the database and journal files
+** for the given schema.  The fourth parameter to [sqlite3_file_control()]
+** should be an initialized [sqlite3_str] pointer.  JSON text describing
+** various aspects of the sqlite3_file object is appended to the sqlite3_str.
+** The SQLITE_FCNTL_FILESTAT opcode is usually a no-op, unless compile-time
+** options are used to enable it.
 ** </ul>
 */
 #define SQLITE_FCNTL_LOCKSTATE               1
@@ -1266,6 +1283,7 @@ struct sqlite3_io_methods {
 #define SQLITE_FCNTL_RESET_CACHE            42
 #define SQLITE_FCNTL_NULL_IO                43
 #define SQLITE_FCNTL_BLOCK_ON_CONNECT       44
+#define SQLITE_FCNTL_FILESTAT               45

 /* deprecated names */
 #define SQLITE_GET_LOCKPROXYFILE      SQLITE_FCNTL_GET_LOCKPROXYFILE
@@ -1628,7 +1646,7 @@ struct sqlite3_vfs {
 ** SQLite interfaces so that an application usually does not need to
 ** invoke sqlite3_initialize() directly.  For example, [sqlite3_open()]
 ** calls sqlite3_initialize() so the SQLite library will be automatically
-** initialized when [sqlite3_open()] is called if it has not be initialized
+** initialized when [sqlite3_open()] is called if it has not been initialized
 ** already.  ^However, if SQLite is compiled with the [SQLITE_OMIT_AUTOINIT]
 ** compile-time option, then the automatic calls to sqlite3_initialize()
 ** are omitted and the application must call sqlite3_initialize() directly
@@ -1885,21 +1903,21 @@ struct sqlite3_mem_methods {
 ** The [sqlite3_mem_methods]
 ** structure is filled with the currently defined memory allocation routines.)^
 ** This option can be used to overload the default memory allocation
-** routines with a wrapper that simulations memory allocation failure or
+** routines with a wrapper that simulates memory allocation failure or
 ** tracks memory usage, for example. </dd>
 **
 ** [[SQLITE_CONFIG_SMALL_MALLOC]] <dt>SQLITE_CONFIG_SMALL_MALLOC</dt>
-** <dd> ^The SQLITE_CONFIG_SMALL_MALLOC option takes single argument of
+** <dd> ^The SQLITE_CONFIG_SMALL_MALLOC option takes a single argument of
 ** type int, interpreted as a boolean, which if true provides a hint to
 ** SQLite that it should avoid large memory allocations if possible.
 ** SQLite will run faster if it is free to make large memory allocations,
-** but some application might prefer to run slower in exchange for
+** but some applications might prefer to run slower in exchange for
 ** guarantees about memory fragmentation that are possible if large
 ** allocations are avoided.  This hint is normally off.
 ** </dd>
 **
 ** [[SQLITE_CONFIG_MEMSTATUS]] <dt>SQLITE_CONFIG_MEMSTATUS</dt>
-** <dd> ^The SQLITE_CONFIG_MEMSTATUS option takes single argument of type int,
+** <dd> ^The SQLITE_CONFIG_MEMSTATUS option takes a single argument of type int,
 ** interpreted as a boolean, which enables or disables the collection of
 ** memory allocation statistics. ^(When memory allocation statistics are
 ** disabled, the following SQLite interfaces become non-operational:
@@ -1944,7 +1962,7 @@ struct sqlite3_mem_methods {
 ** ^If pMem is NULL and N is non-zero, then each database connection
 ** does an initial bulk allocation for page cache memory
 ** from [sqlite3_malloc()] sufficient for N cache lines if N is positive or
-** of -1024*N bytes if N is negative, . ^If additional
+** of -1024*N bytes if N is negative. ^If additional
 ** page cache memory is needed beyond what is provided by the initial
 ** allocation, then SQLite goes to [sqlite3_malloc()] separately for each
 ** additional cache line. </dd>
@@ -1973,7 +1991,7 @@ struct sqlite3_mem_methods {
 ** <dd> ^(The SQLITE_CONFIG_MUTEX option takes a single argument which is a
 ** pointer to an instance of the [sqlite3_mutex_methods] structure.
 ** The argument specifies alternative low-level mutex routines to be used
-** in place the mutex routines built into SQLite.)^  ^SQLite makes a copy of
+** in place of the mutex routines built into SQLite.)^  ^SQLite makes a copy of
 ** the content of the [sqlite3_mutex_methods] structure before the call to
 ** [sqlite3_config()] returns. ^If SQLite is compiled with
 ** the [SQLITE_THREADSAFE | SQLITE_THREADSAFE=0] compile-time option then
@@ -2015,7 +2033,7 @@ struct sqlite3_mem_methods {
 **
 ** [[SQLITE_CONFIG_GETPCACHE2]] <dt>SQLITE_CONFIG_GETPCACHE2</dt>
 ** <dd> ^(The SQLITE_CONFIG_GETPCACHE2 option takes a single argument which
-** is a pointer to an [sqlite3_pcache_methods2] object.  SQLite copies of
+** is a pointer to an [sqlite3_pcache_methods2] object.  SQLite copies off
 ** the current page cache implementation into that object.)^ </dd>
 **
 ** [[SQLITE_CONFIG_LOG]] <dt>SQLITE_CONFIG_LOG</dt>
@@ -2032,7 +2050,7 @@ struct sqlite3_mem_methods {
 ** the logger function is a copy of the first parameter to the corresponding
 ** [sqlite3_log()] call and is intended to be a [result code] or an
 ** [extended result code].  ^The third parameter passed to the logger is
-** log message after formatting via [sqlite3_snprintf()].
+** a log message after formatting via [sqlite3_snprintf()].
 ** The SQLite logging interface is not reentrant; the logger function
 ** supplied by the application must not invoke any SQLite interface.
 ** In a multi-threaded application, the application-defined logger
@@ -2223,7 +2241,7 @@ struct sqlite3_mem_methods {
 ** These constants are the available integer configuration options that
 ** can be passed as the second parameter to the [sqlite3_db_config()] interface.
 **
-** The [sqlite3_db_config()] interface is a var-args functions.  It takes a
+** The [sqlite3_db_config()] interface is a var-args function.  It takes a
 ** variable number of parameters, though always at least two.  The number of
 ** parameters passed into sqlite3_db_config() depends on which of these
 ** constants is given as the second parameter.  This documentation page
@@ -2335,17 +2353,20 @@ struct sqlite3_mem_methods {
 **
 ** [[SQLITE_DBCONFIG_ENABLE_FTS3_TOKENIZER]]
 ** <dt>SQLITE_DBCONFIG_ENABLE_FTS3_TOKENIZER</dt>
-** <dd> ^This option is used to enable or disable the
-** [fts3_tokenizer()] function which is part of the
-** [FTS3] full-text search engine extension.
-** There must be two additional arguments.
-** The first argument is an integer which is 0 to disable fts3_tokenizer() or
-** positive to enable fts3_tokenizer() or negative to leave the setting
-** unchanged.
-** The second parameter is a pointer to an integer into which
-** is written 0 or 1 to indicate whether fts3_tokenizer is disabled or enabled
-** following this call.  The second parameter may be a NULL pointer, in
-** which case the new setting is not reported back. </dd>
+** <dd> ^This option is used to enable or disable using the
+** [fts3_tokenizer()] function - part of the [FTS3] full-text search engine
+** extension - without using bound parameters as the parameters. Doing so
+** is disabled by default. There must be two additional arguments. The first
+** argument is an integer. If it is passed 0, then using fts3_tokenizer()
+** without bound parameters is disabled. If it is passed a positive value,
+** then calling fts3_tokenizer without bound parameters is enabled. If it
+** is passed a negative value, this setting is not modified - this can be
+** used to query for the current setting. The second parameter is a pointer
+** to an integer into which is written 0 or 1 to indicate the current value
+** of this setting (after it is modified, if applicable).  The second
+** parameter may be a NULL pointer, in which case the value of the setting
+** is not reported back. Refer to [FTS3] documentation for further details.
+** </dd>
 **
 ** [[SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION]]
 ** <dt>SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION</dt>
@@ -2357,8 +2378,8 @@ struct sqlite3_mem_methods {
 ** When the first argument to this interface is 1, then only the C-API is
 ** enabled and the SQL function remains disabled.  If the first argument to
 ** this interface is 0, then both the C-API and the SQL function are disabled.
-** If the first argument is -1, then no changes are made to state of either the
-** C-API or the SQL function.
+** If the first argument is -1, then no changes are made to the state of either
+** the C-API or the SQL function.
 ** The second parameter is a pointer to an integer into which
 ** is written 0 or 1 to indicate whether [sqlite3_load_extension()] interface
 ** is disabled or enabled following this call.  The second parameter may
@@ -2476,7 +2497,7 @@ struct sqlite3_mem_methods {
 ** [[SQLITE_DBCONFIG_LEGACY_ALTER_TABLE]]
 ** <dt>SQLITE_DBCONFIG_LEGACY_ALTER_TABLE</dt>
 ** <dd>The SQLITE_DBCONFIG_LEGACY_ALTER_TABLE option activates or deactivates
-** the legacy behavior of the [ALTER TABLE RENAME] command such it
+** the legacy behavior of the [ALTER TABLE RENAME] command such that it
 ** behaves as it did prior to [version 3.24.0] (2018-06-04).  See the
 ** "Compatibility Notice" on the [ALTER TABLE RENAME documentation] for
 ** additional information. This feature can also be turned on and off
@@ -2525,7 +2546,7 @@ struct sqlite3_mem_methods {
 ** <dt>SQLITE_DBCONFIG_LEGACY_FILE_FORMAT</dt>
 ** <dd>The SQLITE_DBCONFIG_LEGACY_FILE_FORMAT option activates or deactivates
 ** the legacy file format flag.  When activated, this flag causes all newly
-** created database file to have a schema format version number (the 4-byte
+** created database files to have a schema format version number (the 4-byte
 ** integer found at offset 44 into the database header) of 1.  This in turn
 ** means that the resulting database file will be readable and writable by
 ** any SQLite version back to 3.0.0 ([dateof:3.0.0]).  Without this setting,
@@ -2552,7 +2573,7 @@ struct sqlite3_mem_methods {
 ** the database handle both when the SQL statement is prepared and when it
 ** is stepped. The flag is set (collection of statistics is enabled)
 ** by default. <p>This option takes two arguments: an integer and a pointer to
-** an integer..  The first argument is 1, 0, or -1 to enable, disable, or
+** an integer.  The first argument is 1, 0, or -1 to enable, disable, or
 ** leave unchanged the statement scanstatus option.  If the second argument
 ** is not NULL, then the value of the statement scanstatus setting after
 ** processing the first argument is written into the integer that the second
@@ -2595,8 +2616,8 @@ struct sqlite3_mem_methods {
 ** <dd>The SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE option enables or disables the
 ** ability of the [ATTACH DATABASE] SQL command to open a database for writing.
 ** This capability is enabled by default.  Applications can disable or
-** reenable this capability using the current DBCONFIG option.  If the
-** the this capability is disabled, the [ATTACH] command will still work,
+** reenable this capability using the current DBCONFIG option.  If
+** this capability is disabled, the [ATTACH] command will still work,
 ** but the database will be opened read-only.  If this option is disabled,
 ** then the ability to create a new database using [ATTACH] is also disabled,
 ** regardless of the value of the [SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE]
@@ -2630,7 +2651,7 @@ struct sqlite3_mem_methods {
 **
 ** <p>Most of the SQLITE_DBCONFIG options take two arguments, so that the
 ** overall call to [sqlite3_db_config()] has a total of four parameters.
-** The first argument (the third parameter to sqlite3_db_config()) is a integer.
+** The first argument (the third parameter to sqlite3_db_config()) is an integer.
 ** The second argument is a pointer to an integer.  If the first argument is 1,
 ** then the option becomes enabled.  If the first integer argument is 0, then the
 ** option is disabled.  If the first argument is -1, then the option setting
@@ -2920,7 +2941,7 @@ SQLITE_API int sqlite3_is_interrupted(sqlite3*);
 ** ^These routines return 0 if the statement is incomplete.  ^If a
 ** memory allocation fails, then SQLITE_NOMEM is returned.
 **
-** ^These routines do not parse the SQL statements thus
+** ^These routines do not parse the SQL statements and thus
 ** will not detect syntactically incorrect SQL.
 **
 ** ^(If SQLite has not been initialized using [sqlite3_initialize()] prior
@@ -3037,7 +3058,7 @@ SQLITE_API int sqlite3_busy_timeout(sqlite3*, int ms);
 ** indefinitely if possible. The results of passing any other negative value
 ** are undefined.
 **
-** Internally, each SQLite database handle store two timeout values - the
+** Internally, each SQLite database handle stores two timeout values - the
 ** busy-timeout (used for rollback mode databases, or if the VFS does not
 ** support blocking locks) and the setlk-timeout (used for blocking locks
 ** on wal-mode databases). The sqlite3_busy_timeout() method sets both
@@ -3067,7 +3088,7 @@ SQLITE_API int sqlite3_setlk_timeout(sqlite3*, int ms, int flags);
 ** This is a legacy interface that is preserved for backwards compatibility.
 ** Use of this interface is not recommended.
 **
-** Definition: A <b>result table</b> is memory data structure created by the
+** Definition: A <b>result table</b> is a memory data structure created by the
 ** [sqlite3_get_table()] interface.  A result table records the
 ** complete query results from one or more queries.
 **
@@ -3210,7 +3231,7 @@ SQLITE_API char *sqlite3_vsnprintf(int,char*,const char*, va_list);
 ** ^Calling sqlite3_free() with a pointer previously returned
 ** by sqlite3_malloc() or sqlite3_realloc() releases that memory so
 ** that it might be reused.  ^The sqlite3_free() routine is
-** a no-op if is called with a NULL pointer.  Passing a NULL pointer
+** a no-op if it is called with a NULL pointer.  Passing a NULL pointer
 ** to sqlite3_free() is harmless.  After being freed, memory
 ** should neither be read nor written.  Even reading previously freed
 ** memory might result in a segmentation fault or other severe error.
@@ -3228,13 +3249,13 @@ SQLITE_API char *sqlite3_vsnprintf(int,char*,const char*, va_list);
 ** sqlite3_free(X).
 ** ^sqlite3_realloc(X,N) returns a pointer to a memory allocation
 ** of at least N bytes in size or NULL if insufficient memory is available.
-** ^If M is the size of the prior allocation, then min(N,M) bytes
-** of the prior allocation are copied into the beginning of buffer returned
+** ^If M is the size of the prior allocation, then min(N,M) bytes of the
+** prior allocation are copied into the beginning of the buffer returned
 ** by sqlite3_realloc(X,N) and the prior allocation is freed.
 ** ^If sqlite3_realloc(X,N) returns NULL and N is positive, then the
 ** prior allocation is not freed.
 **
-** ^The sqlite3_realloc64(X,N) interfaces works the same as
+** ^The sqlite3_realloc64(X,N) interface works the same as
 ** sqlite3_realloc(X,N) except that N is a 64-bit unsigned integer instead
 ** of a 32-bit signed integer.
 **
@@ -3284,7 +3305,7 @@ SQLITE_API sqlite3_uint64 sqlite3_msize(void*);
 ** was last reset.  ^The values returned by [sqlite3_memory_used()] and
 ** [sqlite3_memory_highwater()] include any overhead
 ** added by SQLite in its implementation of [sqlite3_malloc()],
-** but not overhead added by the any underlying system library
+** but not overhead added by any underlying system library
 ** routines that [sqlite3_malloc()] may call.
 **
 ** ^The memory high-water mark is reset to the current value of
@@ -3736,7 +3757,7 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
 ** there is no harm in trying.)
 **
 ** ^(<dt>[SQLITE_OPEN_SHAREDCACHE]</dt>
-** <dd>The database is opened [shared cache] enabled, overriding
+** <dd>The database is opened with [shared cache] enabled, overriding
 ** the default shared cache setting provided by
 ** [sqlite3_enable_shared_cache()].)^
 ** The [use of shared cache mode is discouraged] and hence shared cache
@@ -3744,7 +3765,7 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
 ** this option is a no-op.
 **
 ** ^(<dt>[SQLITE_OPEN_PRIVATECACHE]</dt>
-** <dd>The database is opened [shared cache] disabled, overriding
+** <dd>The database is opened with [shared cache] disabled, overriding
 ** the default shared cache setting provided by
 ** [sqlite3_enable_shared_cache()].)^
 **
@@ -4162,7 +4183,7 @@ SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 ** subsequent calls to other SQLite interface functions.)^
 **
 ** ^The sqlite3_errstr(E) interface returns the English-language text
-** that describes the [result code] E, as UTF-8, or NULL if E is not an
+** that describes the [result code] E, as UTF-8, or NULL if E is not a
 ** result code for which a text error message is available.
 ** ^(Memory to hold the error message string is managed internally
 ** and must not be freed by the application)^.
@@ -4170,7 +4191,7 @@ SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 ** ^If the most recent error references a specific token in the input
 ** SQL, the sqlite3_error_offset() interface returns the byte offset
 ** of the start of that token.  ^The byte offset returned by
-** sqlite3_error_offset() assumes that the input SQL is UTF8.
+** sqlite3_error_offset() assumes that the input SQL is UTF-8.
 ** ^If the most recent error does not reference a specific token in the input
 ** SQL, then the sqlite3_error_offset() function returns -1.
 **
@@ -4195,6 +4216,34 @@ SQLITE_API const void *sqlite3_errmsg16(sqlite3*);
 SQLITE_API const char *sqlite3_errstr(int);
 SQLITE_API int sqlite3_error_offset(sqlite3 *db);

+/*
+** CAPI3REF: Set Error Codes And Message
+** METHOD: sqlite3
+**
+** Set the error code of the database handle passed as the first argument
+** to errcode, and the error message to a copy of nul-terminated string
+** zErrMsg. If zErrMsg is passed NULL, then the error message is set to
+** the default message associated with the supplied error code.  Subsequent
+** calls to [sqlite3_errcode()] and [sqlite3_errmsg()] and similar will
+** return the values set by this routine in place of what was previously
+** set by SQLite itself.
+**
+** This function returns SQLITE_OK if the error code and error message are
+** successfully set, SQLITE_NOMEM if an OOM occurs, and SQLITE_MISUSE if
+** the database handle is NULL or invalid.
+**
+** The error code and message set by this routine remains in effect until
+** they are changed, either by another call to this routine or until they are
+** changed to by SQLite itself to reflect the result of some subsquent
+** API call.
+**
+** This function is intended for use by SQLite extensions or wrappers.  The
+** idea is that an extension or wrapper can use this routine to set error
+** messages and error codes and thus behave more like a core SQLite
+** feature from the point of view of an application.
+*/
+SQLITE_API int sqlite3_set_errmsg(sqlite3 *db, int errcode, const char *zErrMsg);
+
 /*
 ** CAPI3REF: Prepared Statement Object
 ** KEYWORDS: {prepared statement} {prepared statements}
@@ -4269,8 +4318,8 @@ SQLITE_API int sqlite3_limit(sqlite3*, int id, int newVal);
 **
 ** These constants define various performance limits
 ** that can be lowered at run-time using [sqlite3_limit()].
-** The synopsis of the meanings of the various limits is shown below.
-** Additional information is available at [limits | Limits in SQLite].
+** A concise description of these limits follows, and additional information
+** is available at [limits | Limits in SQLite].
 **
 ** <dl>
 ** [[SQLITE_LIMIT_LENGTH]] ^(<dt>SQLITE_LIMIT_LENGTH</dt>
@@ -4335,7 +4384,7 @@ SQLITE_API int sqlite3_limit(sqlite3*, int id, int newVal);
 /*
 ** CAPI3REF: Prepare Flags
 **
-** These constants define various flags that can be passed into
+** These constants define various flags that can be passed into the
 ** "prepFlags" parameter of the [sqlite3_prepare_v3()] and
 ** [sqlite3_prepare16_v3()] interfaces.
 **
@@ -4422,7 +4471,7 @@ SQLITE_API int sqlite3_limit(sqlite3*, int id, int newVal);
 ** there is a small performance advantage to passing an nByte parameter that
 ** is the number of bytes in the input string <i>including</i>
 ** the nul-terminator.
-** Note that nByte measure the length of the input in bytes, not
+** Note that nByte measures the length of the input in bytes, not
 ** characters, even for the UTF-16 interfaces.
 **
 ** ^If pzTail is not NULL then *pzTail is made to point to the first byte
@@ -4556,7 +4605,7 @@ SQLITE_API int sqlite3_prepare16_v3(
 **
 ** ^The sqlite3_expanded_sql() interface returns NULL if insufficient memory
 ** is available to hold the result, or if the result would exceed the
-** the maximum string length determined by the [SQLITE_LIMIT_LENGTH].
+** maximum string length determined by the [SQLITE_LIMIT_LENGTH].
 **
 ** ^The [SQLITE_TRACE_SIZE_LIMIT] compile-time option limits the size of
 ** bound parameter expansions.  ^The [SQLITE_OMIT_TRACE] compile-time
@@ -4744,7 +4793,7 @@ typedef struct sqlite3_value sqlite3_value;
 **
 ** The context in which an SQL function executes is stored in an
 ** sqlite3_context object.  ^A pointer to an sqlite3_context object
-** is always first parameter to [application-defined SQL functions].
+** is always the first parameter to [application-defined SQL functions].
 ** The application-defined SQL function implementation will pass this
 ** pointer through into calls to [sqlite3_result_int | sqlite3_result()],
 ** [sqlite3_aggregate_context()], [sqlite3_user_data()],
@@ -4868,9 +4917,11 @@ typedef struct sqlite3_context sqlite3_context;
 ** associated with the pointer P of type T.  ^D is either a NULL pointer or
 ** a pointer to a destructor function for P. ^SQLite will invoke the
 ** destructor D with a single argument of P when it is finished using
-** P.  The T parameter should be a static string, preferably a string
-** literal. The sqlite3_bind_pointer() routine is part of the
-** [pointer passing interface] added for SQLite 3.20.0.
+** P, even if the call to sqlite3_bind_pointer() fails.  Due to a
+** historical design quirk, results are undefined if D is
+** SQLITE_TRANSIENT. The T parameter should be a static string,
+** preferably a string literal. The sqlite3_bind_pointer() routine is
+** part of the [pointer passing interface] added for SQLite 3.20.0.
 **
 ** ^If any of the sqlite3_bind_*() routines are called with a NULL pointer
 ** for the [prepared statement] or with a prepared statement for which
@@ -5481,7 +5532,7 @@ SQLITE_API int sqlite3_column_type(sqlite3_stmt*, int iCol);
 **
 ** ^The sqlite3_finalize() function is called to delete a [prepared statement].
 ** ^If the most recent evaluation of the statement encountered no errors
-** or if the statement is never been evaluated, then sqlite3_finalize() returns
+** or if the statement has never been evaluated, then sqlite3_finalize() returns
 ** SQLITE_OK.  ^If the most recent evaluation of statement S failed, then
 ** sqlite3_finalize(S) returns the appropriate [error code] or
 ** [extended error code].
@@ -5713,7 +5764,7 @@ SQLITE_API int sqlite3_create_window_function(
 /*
 ** CAPI3REF: Text Encodings
 **
-** These constant define integer codes that represent the various
+** These constants define integer codes that represent the various
 ** text encodings supported by SQLite.
 */
 #define SQLITE_UTF8           1    /* IMP: R-37514-35566 */
@@ -5805,7 +5856,7 @@ SQLITE_API int sqlite3_create_window_function(
 ** result.
 ** Every function that invokes [sqlite3_result_subtype()] should have this
 ** property.  If it does not, then the call to [sqlite3_result_subtype()]
-** might become a no-op if the function is used as term in an
+** might become a no-op if the function is used as a term in an
 ** [expression index].  On the other hand, SQL functions that never invoke
 ** [sqlite3_result_subtype()] should avoid setting this property, as the
 ** purpose of this property is to disable certain optimizations that are
@@ -5932,7 +5983,7 @@ SQLITE_API SQLITE_DEPRECATED int sqlite3_memory_alarm(void(*)(void*,sqlite3_int6
 ** sqlite3_value_nochange(X) interface returns true if and only if
 ** the column corresponding to X is unchanged by the UPDATE operation
 ** that the xUpdate method call was invoked to implement and if
-** and the prior [xColumn] method call that was invoked to extracted
+** the prior [xColumn] method call that was invoked to extract
 ** the value for that column returned without setting a result (probably
 ** because it queried [sqlite3_vtab_nochange()] and found that the column
 ** was unchanging).  ^Within an [xUpdate] method, any value for which
@@ -6205,6 +6256,7 @@ SQLITE_API void sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(voi
 ** or a NULL pointer if there were no prior calls to
 ** sqlite3_set_clientdata() with the same values of D and N.
 ** Names are compared using strcmp() and are thus case sensitive.
+** It returns 0 on success and SQLITE_NOMEM on allocation failure.
 **
 ** If P and X are both non-NULL, then the destructor X is invoked with
 ** argument P on the first of the following occurrences:
@@ -8881,9 +8933,18 @@ SQLITE_API int sqlite3_status64(
 ** ^The sqlite3_db_status() routine returns SQLITE_OK on success and a
 ** non-zero [error code] on failure.
 **
+** ^The sqlite3_db_status64(D,O,C,H,R) routine works exactly the same
+** way as sqlite3_db_status(D,O,C,H,R) routine except that the C and H
+** parameters are pointer to 64-bit integers (type: sqlite3_int64) instead
+** of pointers to 32-bit integers, which allows larger status values
+** to be returned.  If a status value exceeds 2,147,483,647 then
+** sqlite3_db_status() will truncate the value whereas sqlite3_db_status64()
+** will return the full value.
+**
 ** See also: [sqlite3_status()] and [sqlite3_stmt_status()].
 */
 SQLITE_API int sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int resetFlg);
+SQLITE_API int sqlite3_db_status64(sqlite3*,int,sqlite3_int64*,sqlite3_int64*,int);

 /*
 ** CAPI3REF: Status Parameters for database connections
@@ -8980,6 +9041,10 @@ SQLITE_API int sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int r
 ** If an IO or other error occurs while writing a page to disk, the effect
 ** on subsequent SQLITE_DBSTATUS_CACHE_WRITE requests is undefined.)^ ^The
 ** highwater mark associated with SQLITE_DBSTATUS_CACHE_WRITE is always 0.
+** <p>
+** ^(There is overlap between the quantities measured by this parameter
+** (SQLITE_DBSTATUS_CACHE_WRITE) and SQLITE_DBSTATUS_TEMPBUF_SPILL.
+** Resetting one will reduce the other.)^
 ** </dd>
 **
 ** [[SQLITE_DBSTATUS_CACHE_SPILL]] ^(<dt>SQLITE_DBSTATUS_CACHE_SPILL</dt>
@@ -8995,6 +9060,18 @@ SQLITE_API int sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int r
 ** <dd>This parameter returns zero for the current value if and only if
 ** all foreign key constraints (deferred or immediate) have been
 ** resolved.)^  ^The highwater mark is always 0.
+**
+** [[SQLITE_DBSTATUS_TEMPBUF_SPILL] ^(<dt>SQLITE_DBSTATUS_TEMPBUF_SPILL</dt>
+** <dd>^(This parameter returns the number of bytes written to temporary
+** files on disk that could have been kept in memory had sufficient memory
+** been available.  This value includes writes to intermediate tables that
+** are part of complex queries, external sorts that spill to disk, and
+** writes to TEMP tables.)^
+** ^The highwater mark is always 0.
+** <p>
+** ^(There is overlap between the quantities measured by this parameter
+** (SQLITE_DBSTATUS_TEMPBUF_SPILL) and SQLITE_DBSTATUS_CACHE_WRITE.
+** Resetting one will reduce the other.)^
 ** </dd>
 ** </dl>
 */
@@ -9011,7 +9088,8 @@ SQLITE_API int sqlite3_db_status(sqlite3*, int op, int *pCur, int *pHiwtr, int r
 #define SQLITE_DBSTATUS_DEFERRED_FKS        10
 #define SQLITE_DBSTATUS_CACHE_USED_SHARED   11
 #define SQLITE_DBSTATUS_CACHE_SPILL         12
-#define SQLITE_DBSTATUS_MAX                 12   /* Largest defined DBSTATUS */
+#define SQLITE_DBSTATUS_TEMPBUF_SPILL       13
+#define SQLITE_DBSTATUS_MAX                 13   /* Largest defined DBSTATUS */


 /*
@@ -9776,7 +9854,7 @@ SQLITE_API void sqlite3_log(int iErrCode, const char *zFormat, ...);
 ** is the number of pages currently in the write-ahead log file,
 ** including those that were just committed.
 **
-** The callback function should normally return [SQLITE_OK].  ^If an error
+** ^The callback function should normally return [SQLITE_OK].  ^If an error
 ** code is returned, that error will propagate back up through the
 ** SQLite code base to cause the statement that provoked the callback
 ** to report an error, though the commit will have still occurred. If the
@@ -9784,13 +9862,26 @@ SQLITE_API void sqlite3_log(int iErrCode, const char *zFormat, ...);
 ** that does not correspond to any valid SQLite error code, the results
 ** are undefined.
 **
-** A single database handle may have at most a single write-ahead log callback
-** registered at one time. ^Calling [sqlite3_wal_hook()] replaces any
-** previously registered write-ahead log callback. ^The return value is
-** a copy of the third parameter from the previous call, if any, or 0.
-** ^Note that the [sqlite3_wal_autocheckpoint()] interface and the
-** [wal_autocheckpoint pragma] both invoke [sqlite3_wal_hook()] and will
-** overwrite any prior [sqlite3_wal_hook()] settings.
+** ^A single database handle may have at most a single write-ahead log
+** callback registered at one time. ^Calling [sqlite3_wal_hook()]
+** replaces the default behavior or previously registered write-ahead
+** log callback.
+**
+** ^The return value is a copy of the third parameter from the
+** previous call, if any, or 0.
+**
+** ^The [sqlite3_wal_autocheckpoint()] interface and the
+** [wal_autocheckpoint pragma] both invoke [sqlite3_wal_hook()] and
+** will overwrite any prior [sqlite3_wal_hook()] settings.
+**
+** ^If a write-ahead log callback is set using this function then
+** [sqlite3_wal_checkpoint_v2()] or [PRAGMA wal_checkpoint]
+** should be invoked periodically to keep the write-ahead log file
+** from growing without bound.
+**
+** ^Passing a NULL pointer for the callback disables automatic
+** checkpointing entirely. To re-enable the default behavior, call
+** sqlite3_wal_autocheckpoint(db,1000) or use [PRAGMA wal_checkpoint].
 */
 SQLITE_API void *sqlite3_wal_hook(
  sqlite3*,
@@ -9807,7 +9898,7 @@ SQLITE_API void *sqlite3_wal_hook(
 ** to automatically [checkpoint]
 ** after committing a transaction if there are N or
 ** more frames in the [write-ahead log] file.  ^Passing zero or
-** a negative value as the nFrame parameter disables automatic
+** a negative value as the N parameter disables automatic
 ** checkpoints entirely.
 **
 ** ^The callback registered by this function replaces any existing callback
@@ -9823,9 +9914,10 @@ SQLITE_API void *sqlite3_wal_hook(
 **
 ** ^Every new [database connection] defaults to having the auto-checkpoint
 ** enabled with a threshold of 1000 or [SQLITE_DEFAULT_WAL_AUTOCHECKPOINT]
-** pages.  The use of this interface
-** is only necessary if the default setting is found to be suboptimal
-** for a particular application.
+** pages.
+**
+** ^The use of this interface is only necessary if the default setting
+** is found to be suboptimal for a particular application.
 */
 SQLITE_API int sqlite3_wal_autocheckpoint(sqlite3 *db, int N);

@@ -9890,6 +9982,11 @@ SQLITE_API int sqlite3_wal_checkpoint(sqlite3 *db, const char *zDb);
 **   ^This mode works the same way as SQLITE_CHECKPOINT_RESTART with the
 **   addition that it also truncates the log file to zero bytes just prior
 **   to a successful return.
+**
+** <dt>SQLITE_CHECKPOINT_NOOP<dd>
+**   ^This mode always checkpoints zero frames. The only reason to invoke
+**   a NOOP checkpoint is to access the values returned by
+**   sqlite3_wal_checkpoint_v2() via output parameters *pnLog and *pnCkpt.
 ** </dl>
 **
 ** ^If pnLog is not NULL, then *pnLog is set to the total number of frames in
@@ -9960,6 +10057,7 @@ SQLITE_API int sqlite3_wal_checkpoint_v2(
 ** See the [sqlite3_wal_checkpoint_v2()] documentation for details on the
 ** meaning of each of these checkpoint modes.
 */
+#define SQLITE_CHECKPOINT_NOOP    -1  /* Do no work at all */
 #define SQLITE_CHECKPOINT_PASSIVE  0  /* Do as much as possible w/o blocking */
 #define SQLITE_CHECKPOINT_FULL     1  /* Wait for writers, then checkpoint */
 #define SQLITE_CHECKPOINT_RESTART  2  /* Like FULL but wait for readers */
@@ -10787,7 +10885,7 @@ typedef struct sqlite3_snapshot {
 ** The [sqlite3_snapshot_get()] interface is only available when the
 ** [SQLITE_ENABLE_SNAPSHOT] compile-time option is used.
 */
-SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_get(
+SQLITE_API int sqlite3_snapshot_get(
  sqlite3 *db,
  const char *zSchema,
  sqlite3_snapshot **ppSnapshot
@@ -10836,7 +10934,7 @@ SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_get(
 ** The [sqlite3_snapshot_open()] interface is only available when the
 ** [SQLITE_ENABLE_SNAPSHOT] compile-time option is used.
 */
-SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_open(
+SQLITE_API int sqlite3_snapshot_open(
  sqlite3 *db,
  const char *zSchema,
  sqlite3_snapshot *pSnapshot
@@ -10853,7 +10951,7 @@ SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_open(
 ** The [sqlite3_snapshot_free()] interface is only available when the
 ** [SQLITE_ENABLE_SNAPSHOT] compile-time option is used.
 */
-SQLITE_API SQLITE_EXPERIMENTAL void sqlite3_snapshot_free(sqlite3_snapshot*);
+SQLITE_API void sqlite3_snapshot_free(sqlite3_snapshot*);

 /*
 ** CAPI3REF: Compare the ages of two snapshot handles.
@@ -10880,7 +10978,7 @@ SQLITE_API SQLITE_EXPERIMENTAL void sqlite3_snapshot_free(sqlite3_snapshot*);
 ** This interface is only available if SQLite is compiled with the
 ** [SQLITE_ENABLE_SNAPSHOT] option.
 */
-SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_cmp(
+SQLITE_API int sqlite3_snapshot_cmp(
  sqlite3_snapshot *p1,
  sqlite3_snapshot *p2
 );
@@ -10908,7 +11006,7 @@ SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_cmp(
 ** This interface is only available if SQLite is compiled with the
 ** [SQLITE_ENABLE_SNAPSHOT] option.
 */
-SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_recover(sqlite3 *db, const char *zDb);
+SQLITE_API int sqlite3_snapshot_recover(sqlite3 *db, const char *zDb);

 /*
 ** CAPI3REF: Serialize a database
@@ -10982,12 +11080,13 @@ SQLITE_API unsigned char *sqlite3_serialize(
 **
 ** The sqlite3_deserialize(D,S,P,N,M,F) interface causes the
 ** [database connection] D to disconnect from database S and then
-** reopen S as an in-memory database based on the serialization contained
-** in P.  The serialized database P is N bytes in size.  M is the size of
-** the buffer P, which might be larger than N.  If M is larger than N, and
-** the SQLITE_DESERIALIZE_READONLY bit is not set in F, then SQLite is
-** permitted to add content to the in-memory database as long as the total
-** size does not exceed M bytes.
+** reopen S as an in-memory database based on the serialization
+** contained in P.  If S is a NULL pointer, the main database is
+** used. The serialized database P is N bytes in size.  M is the size
+** of the buffer P, which might be larger than N.  If M is larger than
+** N, and the SQLITE_DESERIALIZE_READONLY bit is not set in F, then
+** SQLite is permitted to add content to the in-memory database as
+** long as the total size does not exceed M bytes.
 **
 ** If the SQLITE_DESERIALIZE_FREEONCLOSE bit is set in F, then SQLite will
 ** invoke sqlite3_free() on the serialization buffer when the database
@@ -11054,6 +11153,54 @@ SQLITE_API int sqlite3_deserialize(
 #define SQLITE_DESERIALIZE_RESIZEABLE  2 /* Resize using sqlite3_realloc64() */
 #define SQLITE_DESERIALIZE_READONLY    4 /* Database is read-only */

+/*
+** CAPI3REF: Bind array values to the CARRAY table-valued function
+**
+** The sqlite3_carray_bind(S,I,P,N,F,X) interface binds an array value to
+** one of the first argument of the [carray() table-valued function].  The
+** S parameter is a pointer to the [prepared statement] that uses the carray()
+** functions.  I is the parameter index to be bound.  P is a pointer to the
+** array to be bound, and N is the number of eements in the array.  The
+** F argument is one of constants [SQLITE_CARRAY_INT32], [SQLITE_CARRAY_INT64],
+** [SQLITE_CARRAY_DOUBLE], [SQLITE_CARRAY_TEXT], or [SQLITE_CARRAY_BLOB] to
+** indicate the datatype of the array being bound.  The X argument is not a
+** NULL pointer, then SQLite will invoke the function X on the P parameter
+** after it has finished using P, even if the call to
+** sqlite3_carray_bind() fails. The special-case finalizer
+** SQLITE_TRANSIENT has no effect here.
+*/
+SQLITE_API int sqlite3_carray_bind(
+  sqlite3_stmt *pStmt,        /* Statement to be bound */
+  int i,                      /* Parameter index */
+  void *aData,                /* Pointer to array data */
+  int nData,                  /* Number of data elements */
+  int mFlags,                 /* CARRAY flags */
+  void (*xDel)(void*)         /* Destructor for aData */
+);
+
+/*
+** CAPI3REF: Datatypes for the CARRAY table-valued function
+**
+** The fifth argument to the [sqlite3_carray_bind()] interface musts be
+** one of the following constants, to specify the datatype of the array
+** that is being bound into the [carray table-valued function].
+*/
+#define SQLITE_CARRAY_INT32     0    /* Data is 32-bit signed integers */
+#define SQLITE_CARRAY_INT64     1    /* Data is 64-bit signed integers */
+#define SQLITE_CARRAY_DOUBLE    2    /* Data is doubles */
+#define SQLITE_CARRAY_TEXT      3    /* Data is char* */
+#define SQLITE_CARRAY_BLOB      4    /* Data is struct iovec */
+
+/*
+** Versions of the above #defines that omit the initial SQLITE_, for
+** legacy compatibility.
+*/
+#define CARRAY_INT32     0    /* Data is 32-bit signed integers */
+#define CARRAY_INT64     1    /* Data is 64-bit signed integers */
+#define CARRAY_DOUBLE    2    /* Data is doubles */
+#define CARRAY_TEXT      3    /* Data is char* */
+#define CARRAY_BLOB      4    /* Data is struct iovec */
+
 /*
 ** Undo the hack that converts floating point types to integer for
 ** builds on processors without floating point support.
@@ -12313,14 +12460,32 @@ SQLITE_API void sqlite3changegroup_delete(sqlite3_changegroup*);
 ** update the "main" database attached to handle db with the changes found in
 ** the changeset passed via the second and third arguments.
 **
+** All changes made by these functions are enclosed in a savepoint transaction.
+** If any other error (aside from a constraint failure when attempting to
+** write to the target database) occurs, then the savepoint transaction is
+** rolled back, restoring the target database to its original state, and an
+** SQLite error code returned. Additionally, starting with version 3.51.0,
+** an error code and error message that may be accessed using the
+** [sqlite3_errcode()] and [sqlite3_errmsg()] APIs are left in the database
+** handle.
+**
 ** The fourth argument (xFilter) passed to these functions is the "filter
-** callback". If it is not NULL, then for each table affected by at least one
-** change in the changeset, the filter callback is invoked with
-** the table name as the second argument, and a copy of the context pointer
-** passed as the sixth argument as the first. If the "filter callback"
-** returns zero, then no attempt is made to apply any changes to the table.
-** Otherwise, if the return value is non-zero or the xFilter argument to
-** is NULL, all changes related to the table are attempted.
+** callback". This may be passed NULL, in which case all changes in the
+** changeset are applied to the database. For sqlite3changeset_apply() and
+** sqlite3_changeset_apply_v2(), if it is not NULL, then it is invoked once
+** for each table affected by at least one change in the changeset. In this
+** case the table name is passed as the second argument, and a copy of
+** the context pointer passed as the sixth argument to apply() or apply_v2()
+** as the first. If the "filter callback" returns zero, then no attempt is
+** made to apply any changes to the table. Otherwise, if the return value is
+** non-zero, all changes related to the table are attempted.
+**
+** For sqlite3_changeset_apply_v3(), the xFilter callback is invoked once
+** per change. The second argument in this case is an sqlite3_changeset_iter
+** that may be queried using the usual APIs for the details of the current
+** change. If the "filter callback" returns zero in this case, then no attempt
+** is made to apply the current change. If it returns non-zero, the change
+** is applied.
 **
 ** For each table that is not excluded by the filter callback, this function
 ** tests that the target database contains a compatible table. A table is
@@ -12341,11 +12506,11 @@ SQLITE_API void sqlite3changegroup_delete(sqlite3_changegroup*);
 ** one such warning is issued for each table in the changeset.
 **
 ** For each change for which there is a compatible table, an attempt is made
-** to modify the table contents according to the UPDATE, INSERT or DELETE
-** change. If a change cannot be applied cleanly, the conflict handler
-** function passed as the fifth argument to sqlite3changeset_apply() may be
-** invoked. A description of exactly when the conflict handler is invoked for
-** each type of change is below.
+** to modify the table contents according to each UPDATE, INSERT or DELETE
+** change that is not excluded by a filter callback. If a change cannot be
+** applied cleanly, the conflict handler function passed as the fifth argument
+** to sqlite3changeset_apply() may be invoked. A description of exactly when
+** the conflict handler is invoked for each type of change is below.
 **
 ** Unlike the xFilter argument, xConflict may not be passed NULL. The results
 ** of passing anything other than a valid function pointer as the xConflict
@@ -12441,12 +12606,6 @@ SQLITE_API void sqlite3changegroup_delete(sqlite3_changegroup*);
 ** This can be used to further customize the application's conflict
 ** resolution strategy.
 **
-** All changes made by these functions are enclosed in a savepoint transaction.
-** If any other error (aside from a constraint failure when attempting to
-** write to the target database) occurs, then the savepoint transaction is
-** rolled back, restoring the target database to its original state, and an
-** SQLite error code returned.
-**
 ** If the output parameters (ppRebase) and (pnRebase) are non-NULL and
 ** the input is a changeset (not a patchset), then sqlite3changeset_apply_v2()
 ** may set (*ppRebase) to point to a "rebase" that may be used with the
@@ -12496,6 +12655,23 @@ SQLITE_API int sqlite3changeset_apply_v2(
  void **ppRebase, int *pnRebase, /* OUT: Rebase data */
  int flags                       /* SESSION_CHANGESETAPPLY_* flags */
 );
+SQLITE_API int sqlite3changeset_apply_v3(
+  sqlite3 *db,                    /* Apply change to "main" db of this handle */
+  int nChangeset,                 /* Size of changeset in bytes */
+  void *pChangeset,               /* Changeset blob */
+  int(*xFilter)(
+    void *pCtx,                   /* Copy of sixth arg to _apply() */
+    sqlite3_changeset_iter *p     /* Handle describing change */
+  ),
+  int(*xConflict)(
+    void *pCtx,                   /* Copy of sixth arg to _apply() */
+    int eConflict,                /* DATA, MISSING, CONFLICT, CONSTRAINT */
+    sqlite3_changeset_iter *p     /* Handle describing change and conflict */
+  ),
+  void *pCtx,                     /* First argument passed to xConflict */
+  void **ppRebase, int *pnRebase, /* OUT: Rebase data */
+  int flags                       /* SESSION_CHANGESETAPPLY_* flags */
+);

 /*
 ** CAPI3REF: Flags for sqlite3changeset_apply_v2
@@ -12915,6 +13091,23 @@ SQLITE_API int sqlite3changeset_apply_v2_strm(
  void **ppRebase, int *pnRebase,
  int flags
 );
+SQLITE_API int sqlite3changeset_apply_v3_strm(
+  sqlite3 *db,                    /* Apply change to "main" db of this handle */
+  int (*xInput)(void *pIn, void *pData, int *pnData), /* Input function */
+  void *pIn,                                          /* First arg for xInput */
+  int(*xFilter)(
+    void *pCtx,                   /* Copy of sixth arg to _apply() */
+    sqlite3_changeset_iter *p
+  ),
+  int(*xConflict)(
+    void *pCtx,                   /* Copy of sixth arg to _apply() */
+    int eConflict,                /* DATA, MISSING, CONFLICT, CONSTRAINT */
+    sqlite3_changeset_iter *p     /* Handle describing change and conflict */
+  ),
+  void *pCtx,                     /* First argument passed to xConflict */
+  void **ppRebase, int *pnRebase,
+  int flags
+);
 SQLITE_API int sqlite3changeset_concat_strm(
  int (*xInputA)(void *pIn, void *pData, int *pnData),
  void *pInA,
--- a/deps/sqlite/sqlite3ext.h
+++ b/deps/sqlite/sqlite3ext.h
@@ -368,6 +368,10 @@ struct sqlite3_api_routines {
  int (*set_clientdata)(sqlite3*, const char*, void*, void(*)(void*));
  /* Version 3.50.0 and later */
  int (*setlk_timeout)(sqlite3*,int,int);
+  /* Version 3.51.0 and later */
+  int (*set_errmsg)(sqlite3*,int,const char*);
+  int (*db_status64)(sqlite3*,int,sqlite3_int64*,sqlite3_int64*,int);
+  
 };

 /*
@@ -703,6 +707,9 @@ typedef int (*sqlite3_loadext_entry)(
 #define sqlite3_set_clientdata         sqlite3_api->set_clientdata
 /* Version 3.50.0 and later */
 #define sqlite3_setlk_timeout          sqlite3_api->setlk_timeout
+/* Version 3.51.0 and later */
+#define sqlite3_set_errmsg             sqlite3_api->set_errmsg
+#define sqlite3_db_status64            sqlite3_api->db_status64
 #endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */

 #if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
--- a/docs/model.md
+++ b/docs/model.md
@@ -0,0 +1,32 @@
+# Model
+
+A reasonable mental model of Tilde Friends is as a virtual computer. User
+interace is through a web browser. Communication with the outside world is
+through the Secure Scuttlebutt (SSB) network protocol. Persistence is through
+an SSB store and an additional key-value store in an sqlite database.
+
+The schema for the sqlite database is primarily a `messages` table and a
+`blobs` table, which are what one would expect from the SSB specifications.
+
+```dot
+digraph {
+    web_browser -> tilde_friends_web_interface [dir=both];
+    web_browser [shape=rect,label="Web Browser"];
+    subgraph cluster_tilde_friends {
+        label = "Tilde Friends";
+        tilde_friends_web_interface -> example_app [dir=both];
+        subgraph cluster_sandbox {
+            label = "app sandbox";
+            example_app;
+        }
+        example_app -> tilde_friends_core;
+        tilde_friends_core -> example_app;
+        tilde_friends_web_interface -> tilde_friends_core;
+        tilde_friends_core -> "db.sqlite";
+        tilde_friends_core -> ssb;
+        "db.sqlite" [shape=cylinder];
+    }
+    ssb -> other_ssb_clients [label="Secure Handshake",dir=both];
+    other_ssb_clients [shape=rect,label="SSB Peers"];
+}
+```
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -41,11 +41,9 @@ options:
                                 ssb_port (default: 8008): Port on which to listen for SSB secure handshake connections.
                                 http_local_only (default: false): Whether to bind http(s) to the loopback address.  Otherwise any.
                                 http_port (default: 12345): Port on which to listen for HTTP connections.
-                                 https_port (default: 0): Port on which to listen for secure HTTP connections.
                                 out_http_port_file (default: ""): File to which to write bound HTTP port.
                                 blob_fetch_age_seconds (default: -1): Only blobs mentioned more recently than this age will be automatically fetched.
                                 blob_expire_age_seconds (default: -1): Blobs older than this will be automatically deleted.
-                                 fetch_hosts (default: ""): Comma-separated list of host names to which HTTP fetch requests are allowed.  None if empty.
                                 http_redirect (default: ""): If connecting by HTTP and HTTPS is configured, Location header prefix (ie, "http://example.com")
                                 index (default: "/~core/intro/"): Default path.
                                 index_map (default: ""): Mappings from hostname to redirect path, one per line, as in: "www.tildefriends.net=/~core/index/"
@@ -62,6 +60,7 @@ options:
                                 broadcast (default: true): Send network discovery broadcasts.
                                 discovery (default: true): Receive network discovery broadcasts.
                                 stay_connected (default: false): Whether to attempt to keep several peer connections open.
+                                 accepted_eula_version (default: 0): The version of the last accepted EULA.
  -o, --one-proc             Run everything in one process (unsafely!).
  -z, --zip path             Zip archive from which to load files.
  -v, --verbose              Log raw messages.
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1753749649,
-        "narHash": "sha256-+jkEZxs7bfOKfBIk430K+tK9IvXlwzqQQnppC2ZKFj4=",
+        "lastModified": 1758589230,
+        "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "1f08a4df998e21f4e8be8fb6fbf61d11a1a5076a",
+        "rev": "d1d883129b193f0b495d75c148c2c3a7d95789a0",
        "type": "github"
      },
      "original": {
--- a/metadata/en-US/changelogs/43.txt
+++ b/metadata/en-US/changelogs/43.txt
@@ -0,0 +1,8 @@
+* Fixed multiple issues with blob replication.
+* Fixed some link encoding issues.
+* Fixed some context menus being cut off.
+* Minor Android fixes.
+* Updates:
+  * CodeMirror
+  * OpenSSL 3.5.3
+  * QuickJS 2025-09-13
--- a/metadata/en-US/changelogs/44.txt
+++ b/metadata/en-US/changelogs/44.txt
@@ -0,0 +1,10 @@
+* Faster load times.
+* Private message fixes.
+* Fix contact groups expanding/collapsing.
+* Manual SSB theme color picker.
+* Give channel subscribe/unsubscribe similar grouping treatment to follows/blocks.
+* Slightly improved following/blocking message display.
+* Remove the query tab in favor of searching for "sql:SELECT ...".
+* Exclude messages for subscribed channels from the general feed.
+* Remove OpenSSL.
+* Updates: CodeMirror, libbacktrace, and speedscope 1.24.0.
--- a/metadata/en-US/changelogs/48.txt
+++ b/metadata/en-US/changelogs/48.txt
@@ -0,0 +1,9 @@
+* Fixed disagreement in identity information.
+* Show more context when prompting for permissions.
+* Reduce redundant queries to improve load times.
+* Improved profile load times.
+* Don't show an empty code of conduct.
+* Resolve ambiguity when a user is both followed and blocked (they're blocked).
+* Move perf tracing viewer into a trace app.
+* Minor UI improvements.
+* Updates: CodeMirror, emojis, libbacktrace, sqlite 3.51.0.
--- a/src/android/AndroidManifest.xml
+++ b/src/android/AndroidManifest.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="utf-8"?>
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 	package="com.unprompted.tildefriends"
-	android:versionCode="42"
-	android:versionName="0.2025.8">
+	android:versionCode="48"
+	android:versionName="0.2025.11">
 	<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
 	<uses-permission android:name="android.permission.INTERNET"/>
 	<application
--- a/src/android/com/unprompted/tildefriends/TildeFriendsActivity.java
+++ b/src/android/com/unprompted/tildefriends/TildeFriendsActivity.java
@@ -19,7 +19,6 @@ import android.os.RemoteException;
 import android.os.StrictMode;
 import android.text.InputType;
 import android.util.Base64;
-import android.util.Log;
 import android.view.KeyEvent;
 import android.view.MotionEvent;
 import android.view.View;
@@ -44,6 +43,7 @@ import java.io.File;
 import java.io.FileOutputStream;
 import java.io.FileReader;
 import java.io.OutputStream;
+import java.util.concurrent.LinkedBlockingQueue;
 import java.util.concurrent.TimeUnit;

 public class TildeFriendsActivity extends Activity {
@@ -53,29 +53,42 @@ public class TildeFriendsActivity extends Activity {
 	String port_file_path;
 	Thread create_thread;
 	Thread server_thread;
+	Thread log_thread;
 	ServiceConnection service_connection;
 	FileObserver observer;
+	LinkedBlockingQueue<String> log_queue = new LinkedBlockingQueue<String>();

 	private ValueCallback<Uri[]> upload_message;
 	private final static int FILECHOOSER_RESULT = 1;
 	private float touch_down_y;
 	private boolean ready = false;
 	private boolean loaded = false;
+	private boolean shutting_down = false;

 	static {
-		Log.w("tildefriends", "Calling system.loadLibrary().");
+		log("Calling system.loadLibrary().");
 		System.loadLibrary("tildefriends");
-		Log.w("tildefriends", "system.loadLibrary() completed.");
+		log("system.loadLibrary() completed.");
 	}

 	public static native int tf_server_main(String files_dir, String apk_path, String out_port_file_path, ConnectivityManager connectivity_manager);
 	public static native int tf_sandbox_main(int pipe_fd);

+	public static void log(String message) {
+		if (s_activity != null && s_activity.log_queue != null && message != null) {
+			try {
+				s_activity.log_queue.put(message);
+			} catch (InterruptedException e) {
+				android.util.Log.w("tildefriends", message);
+			}
+		}
+	}
+
 	private void createThread() {
 		web_view = (TildeFriendsWebView)findViewById(R.id.web);
-		Log.w("tildefriends", String.format("getFilesDir() is %s", getFilesDir().toString()));
-		Log.w("tildefriends", String.format("getPackageResourcePath() is %s", getPackageResourcePath().toString()));
-		Log.w("tildefriends", String.format("nativeLibraryDir is %s", getApplicationInfo().nativeLibraryDir));
+		log(String.format("getFilesDir() is %s", getFilesDir().toString()));
+		log(String.format("getPackageResourcePath() is %s", getPackageResourcePath().toString()));
+		log(String.format("nativeLibraryDir is %s", getApplicationInfo().nativeLibraryDir));

 		port_file_path = getFilesDir().toString() + "/port.txt";
 		new File(port_file_path).delete();
@@ -86,17 +99,17 @@ public class TildeFriendsActivity extends Activity {
 		server_thread = new Thread(new Runnable() {
 			@Override
 			public void run() {
-				Log.w("tildefriends", "Watching for changes in: " + getFilesDir().toString());
+				log("Watching for changes in: " + getFilesDir().toString());
 				observer = make_file_observer(getFilesDir().toString(), port_file_path);
 				observer.startWatching();

-				Log.w("tildefriends", "Calling tf_server_main.");
+				log("Calling tf_server_main.");
 				int result = tf_server_main(
 					getFilesDir().toString(),
 					getPackageResourcePath().toString(),
 					port_file_path,
 					(ConnectivityManager)getApplicationContext().getSystemService(CONNECTIVITY_SERVICE));
-				Log.w("tildefriends", "tf_server_main returned " + result + ".");
+				log("tf_server_main returned " + result + ".");
 			}
 		});
 		server_thread.start();
@@ -110,17 +123,17 @@ public class TildeFriendsActivity extends Activity {

 			web_view.setDownloadListener(new DownloadListener() {
 				public void onDownloadStart(String url, String userAgent, String content_disposition, String mime_type, long content_length) {
-					Log.w("tildefriends", "Let's download: " + url + " (" + content_disposition + ")");
+					log("Let's download: " + url + " (" + content_disposition + ")");
 					String file_name = URLUtil.guessFileName(url, content_disposition, mime_type);
 					if (url.startsWith("data:") && url.indexOf(',') != -1) {
 						String b64 = url.substring(url.indexOf(',') + 1);
 						byte[] data = Base64.decode(b64, Base64.DEFAULT);
-						Log.w("tildefriends", "Downloaded " + data.length + " bytes.");
+						log("Downloaded " + data.length + " bytes.");
 						File path = Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS);
 						try (OutputStream stream = new FileOutputStream(new File(path, file_name))) {
 							stream.write(data);
 						} catch (java.io.IOException e) {
-							Log.w("tildefriends", "IOException: " + e.toString());
+							log("IOException: " + e.toString());
 						}
 						Toast.makeText(getApplicationContext(), "Downloaded File", Toast.LENGTH_LONG).show();
 					} else {
@@ -228,7 +241,7 @@ public class TildeFriendsActivity extends Activity {

 				@Override
 				public boolean onConsoleMessage(android.webkit.ConsoleMessage consoleMessage) {
-					Log.d("tildefriends", consoleMessage.message() + " -- From line " + consoleMessage.lineNumber() + " of " + consoleMessage.sourceId());
+					log(consoleMessage.message() + " -- From line " + consoleMessage.lineNumber() + " of " + consoleMessage.sourceId());
 					return true;
 				}
 			});
@@ -259,10 +272,27 @@ public class TildeFriendsActivity extends Activity {
 	protected void onCreate(Bundle savedInstanceState) {
 		s_activity = this;
 		super.onCreate(savedInstanceState);
+		log_thread = new Thread(new Runnable() {
+			@Override
+			public void run() {
+				while (!s_activity.shutting_down) {
+					try {
+						String message = log_queue.take();
+						if (message != null) {
+							android.util.Log.w("tildefriends", message);
+						} else {
+							break;
+						}
+					} catch (InterruptedException e) {
+					}
+				}
+			}
+		});
+		log_thread.start();
 		StrictMode.setThreadPolicy(
 			new StrictMode.ThreadPolicy.Builder()
 				.detectAll()
-				.penaltyDialog()
+				//.penaltyDialog()
 				.penaltyLog()
 				.build());
 		StrictMode.setVmPolicy(
@@ -305,8 +335,17 @@ public class TildeFriendsActivity extends Activity {
 	@Override
 	protected void onDestroy()
 	{
-		super.onDestroy();
+		try {
+			shutting_down = true;
+			if (log_queue != null) {
+					log_queue.put("Goodbye.");
+			}
+			log_thread.join();
+		} catch (InterruptedException e) {
+		}
+		log_thread = null;
 		s_activity = null;
+		super.onDestroy();
 	}

 	@Override
@@ -399,32 +438,32 @@ public class TildeFriendsActivity extends Activity {
 	}

 	public static void start_sandbox(int pipe_fd) {
-		Log.w("tildefriends", "starting service with fd: " + pipe_fd);
+		log("starting service with fd: " + pipe_fd);
 		Intent intent = new Intent(s_activity, TildeFriendsSandboxService.class);
 		s_activity.service_connection = new ServiceConnection() {
 			@Override
 			public void onBindingDied(ComponentName name) {
-				Log.w("tildefriends", "onBindingDied");
+				log("onBindingDied");
 			}

 			@Override
 			public void onNullBinding(ComponentName name) {
-				Log.w("tildefriends", "onNullBinding");
+				log("onNullBinding");
 			}

 			@Override
 			public void onServiceConnected(ComponentName name, IBinder binder) {
-				Log.w("tildefriends", "onServiceConnected");
+				log("onServiceConnected");
 				Parcel data = Parcel.obtain();
 				try (ParcelFileDescriptor pfd = ParcelFileDescriptor.fromFd(pipe_fd)) {
 					data.writeParcelable(pfd, 0);
 				} catch (java.io.IOException e) {
-					Log.w("tildefriends", "IOException: " + e);
+					log("IOException: " + e);
 				}
 				try {
 					binder.transact(TildeFriendsSandboxService.START_CALL,  data, null, IBinder.FLAG_ONEWAY);
 				} catch (RemoteException e) {
-					Log.w("tildefriends", "RemoteException");
+					log("RemoteException");
 				} finally {
 					data.recycle();
 				}
@@ -432,14 +471,14 @@ public class TildeFriendsActivity extends Activity {

 			@Override
 			public void onServiceDisconnected(ComponentName name) {
-				Log.w("tildefriends", "onServiceDisconnected");
+				log("onServiceDisconnected");
 			}
 		};
 		s_activity.bindService(intent, s_activity.service_connection, BIND_AUTO_CREATE | BIND_NOT_FOREGROUND);
 	}

 	public static void stop_sandbox() {
-		Log.w("tildefriends", "stop_sandbox");
+		log("stop_sandbox");
 		if (s_activity.service_connection != null) {
 			s_activity.unbindService(s_activity.service_connection);
 			s_activity.service_connection = null;
--- a/src/android/com/unprompted/tildefriends/TildeFriendsSandboxService.java
+++ b/src/android/com/unprompted/tildefriends/TildeFriendsSandboxService.java
@@ -6,7 +6,6 @@ import android.os.Binder;
 import android.os.IBinder;
 import android.os.Parcel;
 import android.os.ParcelFileDescriptor;
-import android.util.Log;

 public class TildeFriendsSandboxService extends Service {
 	public static final int START_CALL = IBinder.FIRST_CALL_TRANSACTION;
@@ -14,12 +13,12 @@ public class TildeFriendsSandboxService extends Service {
 	Thread thread;

 	public int onStartCommand(Intent intent, int flags, int start_id) {
-		Log.w("tildefriends", "TildeFriendsSandboxService: onStartCommand");
+		TildeFriendsActivity.log("TildeFriendsSandboxService: onStartCommand");
 		return super.onStartCommand(intent, flags, start_id);
 	}

 	public void onDestroy() {
-		Log.w("tildefriends", "TildeFriendsSandboxService: onDestroy");
+		TildeFriendsActivity.log("TildeFriendsSandboxService: onDestroy");
 		super.onDestroy();
 	}

@@ -27,9 +26,9 @@ public class TildeFriendsSandboxService extends Service {
 		thread = new Thread(new Runnable() {
 			@Override
 			public void run() {
-				Log.w("tildefriends", "Calling tf_sandbox_main.");
+				TildeFriendsActivity.log("Calling tf_sandbox_main.");
 				int result = TildeFriendsActivity.tf_sandbox_main(pipe_fd);
-				Log.w("tildefriends", "tf_sandbox_main returned " + result + ".");
+				TildeFriendsActivity.log("tf_sandbox_main returned " + result + ".");
 			}
 		});
 		thread.start();
@@ -43,7 +42,7 @@ public class TildeFriendsSandboxService extends Service {
 				if (code == START_CALL) {
 					ParcelFileDescriptor pfd = read_pfd(data);
 					if (pfd != null) {
-						Log.w("tildefriends", "fd is " + pfd.getFd());
+						TildeFriendsActivity.log("fd is " + pfd.getFd());
 						start_thread(pfd.detachFd());
 						try {
 							pfd.close();
--- a/src/api.js.c
+++ b/src/api.js.c
@@ -74,7 +74,7 @@ static void _tf_api_core_apps_after_work(tf_ssb_t* ssb, int status, void* user_d
 	JSValue result = JS_NewObject(context);
 	for (int i = 0; i < work->count; i++)
 	{
-		JS_SetPropertyStr(context, result, work->apps[i].app, JS_NewString(context, work->apps[i].path));
+		JS_SetPropertyStr(context, result, work->apps[i].app, JS_NewString(context, work->apps[i].path ? work->apps[i].path : ""));
 	}
 	JSValue error = JS_Call(context, work->promise[0], JS_UNDEFINED, 1, &result);
 	tf_util_report_error(context, error);
@@ -147,12 +147,695 @@ static JSValue _tf_api_core_apps(JSContext* context, JSValueConst this_val, int
 	return result;
 }

+typedef struct _users_t
+{
+	const char* users;
+	JSContext* context;
+	JSValue promise[2];
+} users_t;
+
+static void _tf_api_core_users_work(tf_ssb_t* ssb, void* user_data)
+{
+	users_t* work = user_data;
+	work->users = tf_ssb_db_get_property(ssb, "auth", "users");
+}
+
+static void _tf_api_core_users_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	users_t* work = user_data;
+	JSContext* context = work->context;
+	JSValue result = JS_UNDEFINED;
+	if (work->users)
+	{
+		result = JS_ParseJSON(context, work->users, strlen(work->users), NULL);
+		tf_free((void*)work->users);
+	}
+	if (JS_IsUndefined(result))
+	{
+		result = JS_NewArray(context);
+	}
+	JSValue error = JS_Call(context, JS_IsArray(context, result) ? work->promise[0] : work->promise[1], JS_UNDEFINED, 1, &result);
+	tf_util_report_error(context, error);
+	JS_FreeValue(context, error);
+	JS_FreeValue(context, result);
+	JS_FreeValue(context, work->promise[0]);
+	JS_FreeValue(context, work->promise[1]);
+	tf_free(work);
+}
+
+static JSValue _tf_api_core_users(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	users_t* work = tf_malloc(sizeof(users_t));
+	*work = (users_t) {
+		.context = context,
+	};
+	JSValue result = JS_NewPromiseCapability(context, work->promise);
+	tf_ssb_run_work(ssb, _tf_api_core_users_work, _tf_api_core_users_after_work, work);
+	return result;
+}
+
+static JSValue _tf_api_core_register(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	JSValue event_name = argv[0];
+	JSValue handler = argv[1];
+	JSValue process = data[0];
+	JSValue event_handlers = JS_GetPropertyStr(context, process, "eventHandlers");
+	JSAtom atom = JS_ValueToAtom(context, event_name);
+	JSValue array = JS_GetProperty(context, event_handlers, atom);
+	if (!JS_IsArray(context, array))
+	{
+		JS_FreeValue(context, array);
+		array = JS_NewArray(context);
+		JS_SetProperty(context, event_handlers, atom, JS_DupValue(context, array));
+	}
+	JS_SetPropertyUint32(context, array, tf_util_get_length(context, array), JS_DupValue(context, handler));
+	JS_FreeValue(context, array);
+	JS_FreeAtom(context, atom);
+	JS_FreeValue(context, event_handlers);
+	return JS_UNDEFINED;
+}
+
+static JSValue _tf_api_core_unregister(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	JSValue event_name = argv[0];
+	JSValue handler = argv[1];
+	JSValue process = data[0];
+	JSValue event_handlers = JS_GetPropertyStr(context, process, "eventHandlers");
+	JSAtom atom = JS_ValueToAtom(context, event_name);
+	JSValue array = JS_GetProperty(context, event_handlers, atom);
+
+	if (JS_IsArray(context, array))
+	{
+		JSValue index_of = JS_GetPropertyStr(context, array, "indexOf");
+
+		JSValue index = JS_Call(context, index_of, array, 1, &handler);
+		int int_index = -1;
+		JS_ToInt32(context, &int_index, index);
+		if (int_index != -1)
+		{
+			JSValue splice = JS_GetPropertyStr(context, array, "splice");
+			JSValue splice_args[] = {
+				index,
+				JS_NewInt32(context, 1),
+			};
+			JSValue result = JS_Call(context, splice, array, 2, splice_args);
+			JS_FreeValue(context, result);
+			JS_FreeValue(context, splice);
+		}
+		JS_FreeValue(context, index);
+		JS_FreeValue(context, index_of);
+
+		if (tf_util_get_length(context, array) == 0)
+		{
+			JS_DeleteProperty(context, event_handlers, atom, 0);
+		}
+	}
+
+	JS_FreeValue(context, array);
+	JS_FreeAtom(context, atom);
+	JS_FreeValue(context, event_handlers);
+	return JS_UNDEFINED;
+}
+
+typedef struct _permissions_for_user_t
+{
+	const char* user;
+	const char* settings;
+	JSContext* context;
+	JSValue promise[2];
+} permissions_for_user_t;
+
+static void _tf_api_core_permissions_for_user_work(tf_ssb_t* ssb, void* user_data)
+{
+	permissions_for_user_t* work = user_data;
+	work->settings = tf_ssb_db_get_property(ssb, "core", "settings");
+}
+
+static void _tf_api_core_permissions_for_user_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	permissions_for_user_t* work = user_data;
+	JSContext* context = work->context;
+	JSValue result = JS_UNDEFINED;
+	if (work->settings)
+	{
+		JSValue json = JS_ParseJSON(context, work->settings, strlen(work->settings), NULL);
+		if (JS_IsObject(json))
+		{
+			JSValue permissions = JS_GetPropertyStr(context, json, "permissions");
+			if (JS_IsObject(permissions))
+			{
+				result = JS_GetPropertyStr(context, permissions, work->user);
+			}
+			JS_FreeValue(context, permissions);
+		}
+		JS_FreeValue(context, json);
+		tf_free((void*)work->settings);
+	}
+	if (JS_IsUndefined(result))
+	{
+		result = JS_NewArray(context);
+	}
+	JSValue error = JS_Call(context, JS_IsArray(context, result) ? work->promise[0] : work->promise[1], JS_UNDEFINED, 1, &result);
+	tf_util_report_error(context, error);
+	JS_FreeValue(context, error);
+	JS_FreeValue(context, result);
+	JS_FreeValue(context, work->promise[0]);
+	JS_FreeValue(context, work->promise[1]);
+	JS_FreeCString(context, work->user);
+	tf_free(work);
+}
+
+static JSValue _tf_api_core_permissionsForUser(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	permissions_for_user_t* work = tf_malloc(sizeof(permissions_for_user_t));
+	*work = (permissions_for_user_t) {
+		.context = context,
+		.user = JS_ToCString(context, argv[0]),
+	};
+	JSValue result = JS_NewPromiseCapability(context, work->promise);
+	tf_ssb_run_work(ssb, _tf_api_core_permissions_for_user_work, _tf_api_core_permissions_for_user_after_work, work);
+	return result;
+}
+
+typedef struct _permissions_granted_t
+{
+	JSContext* context;
+	const char* user;
+	const char* package_owner;
+	const char* package_name;
+	const char* settings;
+	JSValue promise[2];
+} permissions_granted_t;
+
+static void _tf_api_core_permissions_granted_work(tf_ssb_t* ssb, void* user_data)
+{
+	permissions_granted_t* work = user_data;
+	work->settings = tf_ssb_db_get_property(ssb, "core", "settings");
+}
+
+static void _tf_api_core_permissions_granted_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	permissions_granted_t* work = user_data;
+	JSContext* context = work->context;
+	JSValue result = JS_UNDEFINED;
+	if (work->settings)
+	{
+		JSValue json = JS_ParseJSON(context, work->settings, strlen(work->settings), NULL);
+		if (JS_IsObject(json) && work->user && work->package_owner && work->package_name)
+		{
+			JSValue user_permissions = JS_GetPropertyStr(context, json, "userPermissions");
+			if (JS_IsObject(user_permissions))
+			{
+				JSValue user = JS_GetPropertyStr(context, user_permissions, work->user);
+				if (JS_IsObject(user))
+				{
+					JSValue package_owner = JS_GetPropertyStr(context, user, work->package_owner);
+					if (JS_IsObject(package_owner))
+					{
+						result = JS_GetPropertyStr(context, package_owner, work->package_name);
+					}
+					JS_FreeValue(context, package_owner);
+				}
+				JS_FreeValue(context, user);
+			}
+			JS_FreeValue(context, user_permissions);
+		}
+		JS_FreeValue(context, json);
+		tf_free((void*)work->settings);
+	}
+
+	JSValue error = JS_Call(context, work->promise[0], JS_UNDEFINED, 1, &result);
+	tf_util_report_error(context, error);
+	JS_FreeValue(context, error);
+	JS_FreeValue(context, result);
+	JS_FreeValue(context, work->promise[0]);
+	JS_FreeValue(context, work->promise[1]);
+	tf_free((void*)work->user);
+	tf_free((void*)work->package_owner);
+	tf_free((void*)work->package_name);
+	tf_free(work);
+}
+
+static const char* _tf_ssb_get_process_credentials_session_name(JSContext* context, JSValue process)
+{
+	JSValue credentials = JS_IsObject(process) ? JS_GetPropertyStr(context, process, "credentials") : JS_UNDEFINED;
+	JSValue session = JS_IsObject(credentials) ? JS_GetPropertyStr(context, credentials, "session") : JS_UNDEFINED;
+	JSValue name_value = JS_IsObject(session) ? JS_GetPropertyStr(context, session, "name") : JS_UNDEFINED;
+	const char* name = JS_IsString(name_value) ? JS_ToCString(context, name_value) : NULL;
+	const char* result = tf_strdup(name);
+	JS_FreeCString(context, name);
+	JS_FreeValue(context, name_value);
+	JS_FreeValue(context, session);
+	JS_FreeValue(context, credentials);
+	return result;
+}
+
+static JSValue _tf_api_core_permissionsGranted(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	JSValue process = data[0];
+	JSValue package_owner_value = JS_GetPropertyStr(context, process, "packageOwner");
+	JSValue package_name_value = JS_GetPropertyStr(context, process, "packageName");
+	const char* package_owner = JS_ToCString(context, package_owner_value);
+	const char* package_name = JS_ToCString(context, package_name_value);
+	permissions_granted_t* work = tf_malloc(sizeof(permissions_granted_t));
+	*work = (permissions_granted_t) {
+		.context = context,
+		.user = _tf_ssb_get_process_credentials_session_name(context, process),
+		.package_owner = tf_strdup(package_owner),
+		.package_name = tf_strdup(package_name),
+	};
+	JS_FreeCString(context, package_owner);
+	JS_FreeCString(context, package_name);
+	JS_FreeValue(context, package_owner_value);
+	JS_FreeValue(context, package_name_value);
+	JSValue result = JS_NewPromiseCapability(context, work->promise);
+	tf_ssb_run_work(ssb, _tf_api_core_permissions_granted_work, _tf_api_core_permissions_granted_after_work, work);
+	return result;
+}
+
+typedef struct _active_identity_work_t
+{
+	JSContext* context;
+	const char* name;
+	const char* package_owner;
+	const char* package_name;
+	char identity[k_id_base64_len];
+	int result;
+	JSValue promise[2];
+} active_identity_work_t;
+
+static void _tf_ssb_getActiveIdentity_visit(const char* identity, void* user_data)
+{
+	active_identity_work_t* request = user_data;
+	if (!*request->identity)
+	{
+		snprintf(request->identity, sizeof(request->identity), "@%s", identity);
+	}
+}
+
+static void _tf_ssb_getActiveIdentity_work(tf_ssb_t* ssb, void* user_data)
+{
+	active_identity_work_t* request = user_data;
+	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
+	tf_ssb_db_identity_get_active(db, request->name, request->package_owner, request->package_name, request->identity, sizeof(request->identity));
+	tf_ssb_release_db_reader(ssb, db);
+
+	if (!*request->identity && tf_ssb_db_user_has_permission(ssb, NULL, request->name, "administration"))
+	{
+		tf_ssb_whoami(ssb, request->identity, sizeof(request->identity));
+	}
+
+	if (!*request->identity)
+	{
+		tf_ssb_db_identity_visit(ssb, request->name, _tf_ssb_getActiveIdentity_visit, request);
+	}
+}
+
+static void _tf_ssb_getActiveIdentity_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	active_identity_work_t* request = user_data;
+	JSContext* context = request->context;
+	if (request->result == 0)
+	{
+		JSValue identity = JS_NewString(context, request->identity);
+		JSValue error = JS_Call(context, request->promise[0], JS_UNDEFINED, 1, &identity);
+		JS_FreeValue(context, identity);
+		tf_util_report_error(context, error);
+		JS_FreeValue(context, error);
+	}
+	else
+	{
+		JSValue error = JS_Call(context, request->promise[1], JS_UNDEFINED, 0, NULL);
+		tf_util_report_error(context, error);
+		JS_FreeValue(context, error);
+	}
+	JS_FreeValue(context, request->promise[0]);
+	JS_FreeValue(context, request->promise[1]);
+	tf_free((void*)request->name);
+	tf_free((void*)request->package_owner);
+	tf_free((void*)request->package_name);
+	tf_free(request);
+}
+
+static JSValue _tf_ssb_getActiveIdentity(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	JSValue process = data[0];
+	JSValue package_owner_value = JS_GetPropertyStr(context, process, "packageOwner");
+	JSValue package_name_value = JS_GetPropertyStr(context, process, "packageName");
+
+	const char* name = _tf_ssb_get_process_credentials_session_name(context, process);
+	const char* package_owner = JS_ToCString(context, package_owner_value);
+	const char* package_name = JS_ToCString(context, package_name_value);
+	active_identity_work_t* work = tf_malloc(sizeof(active_identity_work_t));
+	*work = (active_identity_work_t) {
+		.context = context,
+		.name = tf_strdup(name),
+		.package_owner = tf_strdup(package_owner),
+		.package_name = tf_strdup(package_name),
+	};
+	JSValue result = JS_NewPromiseCapability(context, work->promise);
+	tf_free((void*)name);
+	JS_FreeCString(context, package_owner);
+	JS_FreeCString(context, package_name);
+
+	JS_FreeValue(context, package_owner_value);
+	JS_FreeValue(context, package_name_value);
+	tf_ssb_run_work(ssb, _tf_ssb_getActiveIdentity_work, _tf_ssb_getActiveIdentity_after_work, work);
+	return result;
+}
+
+typedef struct _identities_visit_t
+{
+	JSContext* context;
+	JSValue promise[2];
+	const char** identities;
+	int count;
+	char user[];
+} identities_visit_t;
+
+static void _tf_ssb_getIdentities_visit(const char* identity, void* user_data)
+{
+	identities_visit_t* work = user_data;
+	work->identities = tf_resize_vec(work->identities, (work->count + 1) * sizeof(const char*));
+	char id[k_id_base64_len];
+	snprintf(id, sizeof(id), "@%s", identity);
+	work->identities[work->count++] = tf_strdup(id);
+}
+
+static void _tf_ssb_get_all_identities_work(tf_ssb_t* ssb, void* user_data)
+{
+	tf_ssb_db_identity_visit_all(ssb, _tf_ssb_getIdentities_visit, user_data);
+}
+
+static void _tf_ssb_get_identities_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	identities_visit_t* work = user_data;
+	JSContext* context = tf_ssb_get_context(ssb);
+	JSValue result = JS_NewArray(context);
+	for (int i = 0; i < work->count; i++)
+	{
+		JS_SetPropertyUint32(context, result, i, JS_NewString(context, work->identities[i]));
+		tf_free((void*)work->identities[i]);
+	}
+	tf_free(work->identities);
+
+	JSValue error = JS_Call(context, work->promise[0], JS_UNDEFINED, 1, &result);
+	JS_FreeValue(context, result);
+	tf_util_report_error(context, error);
+	JS_FreeValue(context, error);
+	JS_FreeValue(context, work->promise[0]);
+	JS_FreeValue(context, work->promise[1]);
+	tf_free(work);
+}
+
+static JSValue _tf_ssb_getAllIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
+{
+	JSValue result = JS_UNDEFINED;
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	if (ssb)
+	{
+		identities_visit_t* work = tf_malloc(sizeof(identities_visit_t));
+		*work = (identities_visit_t) {
+			.context = context,
+		};
+
+		result = JS_NewPromiseCapability(context, work->promise);
+		tf_ssb_run_work(ssb, _tf_ssb_get_all_identities_work, _tf_ssb_get_identities_after_work, work);
+	}
+	return result;
+}
+
+static void _tf_ssb_get_identities_work(tf_ssb_t* ssb, void* user_data)
+{
+	identities_visit_t* work = user_data;
+	if (tf_ssb_db_user_has_permission(ssb, NULL, work->user, "administration"))
+	{
+		char id[k_id_base64_len] = "";
+		if (tf_ssb_whoami(ssb, id, sizeof(id)))
+		{
+			_tf_ssb_getIdentities_visit(*id == '@' ? id + 1 : id, work);
+		}
+	}
+	tf_ssb_db_identity_visit(ssb, work->user, _tf_ssb_getIdentities_visit, user_data);
+}
+
+static JSValue _tf_ssb_getIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	JSValue result = JS_UNDEFINED;
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	JSValue process = data[0];
+	if (ssb)
+	{
+		const char* user = _tf_ssb_get_process_credentials_session_name(context, process);
+		if (user)
+		{
+			size_t user_length = user ? strlen(user) : 0;
+			identities_visit_t* work = tf_malloc(sizeof(identities_visit_t) + user_length + 1);
+			*work = (identities_visit_t) {
+				.context = context,
+			};
+			memcpy(work->user, user, user_length + 1);
+			tf_free((void*)user);
+
+			result = JS_NewPromiseCapability(context, work->promise);
+			tf_ssb_run_work(ssb, _tf_ssb_get_identities_work, _tf_ssb_get_identities_after_work, work);
+		}
+	}
+	return result;
+}
+
+static JSValue _tf_ssb_getOwnerIdentities(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv, int magic, JSValue* data)
+{
+	JSValue result = JS_UNDEFINED;
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	JSValue process = data[0];
+	if (ssb)
+	{
+		JSValue value = JS_GetPropertyStr(context, process, "packageOwner");
+		const char* user = JS_ToCString(context, value);
+		size_t user_length = user ? strlen(user) : 0;
+		identities_visit_t* work = tf_malloc(sizeof(identities_visit_t) + user_length + 1);
+		*work = (identities_visit_t) {
+			.context = context,
+		};
+		memcpy(work->user, user, user_length + 1);
+		JS_FreeCString(context, user);
+		JS_FreeValue(context, value);
+
+		result = JS_NewPromiseCapability(context, work->promise);
+		tf_ssb_run_work(ssb, _tf_ssb_get_identities_work, _tf_ssb_get_identities_after_work, work);
+	}
+	return result;
+}
+
+typedef struct _settings_descriptions_get_t
+{
+	const char* settings;
+	JSContext* context;
+	JSValue promise[2];
+} settings_descriptions_get_t;
+
+static void _tf_ssb_get_settings_descriptions_work(tf_ssb_t* ssb, void* user_data)
+{
+	settings_descriptions_get_t* work = user_data;
+	work->settings = tf_ssb_db_get_property(ssb, "core", "settings");
+}
+
+static void _tf_ssb_get_settings_descriptions_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	settings_descriptions_get_t* work = user_data;
+	JSContext* context = work->context;
+	JSValue result = JS_NewObject(context);
+	JSValue settings = JS_ParseJSON(context, work->settings ? work->settings : "", work->settings ? strlen(work->settings) : 0, NULL);
+	const char* name;
+	const char* type;
+	tf_setting_kind_t kind;
+	const char* description;
+	for (int i = 0; tf_util_get_global_setting_by_index(i, &name, &type, &kind, &description); i++)
+	{
+		JSValue entry = JS_NewObject(context);
+		JS_SetPropertyStr(context, entry, "type", JS_NewString(context, type));
+		JS_SetPropertyStr(context, entry, "description", JS_NewString(context, description));
+		switch (kind)
+		{
+		case k_kind_unknown:
+			break;
+		case k_kind_bool:
+			JS_SetPropertyStr(context, entry, "default_value", JS_NewBool(context, tf_util_get_default_global_setting_bool(name)));
+			break;
+		case k_kind_int:
+			JS_SetPropertyStr(context, entry, "default_value", JS_NewInt32(context, tf_util_get_default_global_setting_int(name)));
+			break;
+		case k_kind_string:
+			JS_SetPropertyStr(context, entry, "default_value", JS_NewString(context, tf_util_get_default_global_setting_string(name)));
+			break;
+		}
+		if (JS_IsObject(settings))
+		{
+			JS_SetPropertyStr(context, entry, "value", JS_GetPropertyStr(context, settings, name));
+		}
+		JS_SetPropertyStr(context, result, name, entry);
+	}
+	JS_FreeValue(context, settings);
+	JSValue error = JS_Call(context, work->promise[0], JS_UNDEFINED, 1, &result);
+	tf_util_report_error(context, error);
+	JS_FreeValue(context, error);
+	JS_FreeValue(context, result);
+	JS_FreeValue(context, work->promise[0]);
+	JS_FreeValue(context, work->promise[1]);
+	tf_free((void*)work->settings);
+	tf_free(work);
+}
+
+static JSValue _tf_ssb_globalSettingsDescriptions(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
+{
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	settings_descriptions_get_t* work = tf_malloc(sizeof(settings_descriptions_get_t));
+	*work = (settings_descriptions_get_t) { .context = context };
+	JSValue result = JS_NewPromiseCapability(context, work->promise);
+	tf_ssb_run_work(ssb, _tf_ssb_get_settings_descriptions_work, _tf_ssb_get_settings_descriptions_after_work, work);
+	return result;
+}
+
+typedef struct _settings_get_t
+{
+	const char* key;
+	tf_setting_kind_t kind;
+	void* value;
+	JSContext* context;
+	JSValue promise[2];
+} settings_get_t;
+
+static void _tf_ssb_settings_get_work(tf_ssb_t* ssb, void* user_data)
+{
+	settings_get_t* work = user_data;
+	work->kind = tf_util_get_global_setting_kind(work->key);
+	switch (work->kind)
+	{
+	case k_kind_unknown:
+		break;
+	case k_kind_bool:
+		{
+			sqlite3* db = tf_ssb_acquire_db_reader(ssb);
+			bool value = false;
+			tf_ssb_db_get_global_setting_bool(db, work->key, &value);
+			work->value = (void*)(intptr_t)value;
+			tf_ssb_release_db_reader(ssb, db);
+		}
+		break;
+	case k_kind_int:
+		{
+			sqlite3* db = tf_ssb_acquire_db_reader(ssb);
+			int64_t value = 0;
+			tf_ssb_db_get_global_setting_int64(db, work->key, &value);
+			work->value = (void*)(intptr_t)value;
+			tf_ssb_release_db_reader(ssb, db);
+		}
+		break;
+	case k_kind_string:
+		{
+			sqlite3* db = tf_ssb_acquire_db_reader(ssb);
+			work->value = (void*)tf_ssb_db_get_global_setting_string_alloc(db, work->key);
+			tf_ssb_release_db_reader(ssb, db);
+		}
+		break;
+	}
+}
+
+static void _tf_ssb_settings_get_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	settings_get_t* work = user_data;
+	JSContext* context = tf_ssb_get_context(ssb);
+	JSValue result = JS_UNDEFINED;
+	switch (work->kind)
+	{
+	case k_kind_unknown:
+		break;
+	case k_kind_bool:
+		result = work->value ? JS_TRUE : JS_FALSE;
+		break;
+	case k_kind_int:
+		result = JS_NewInt64(context, (int64_t)(intptr_t)work->value);
+		break;
+	case k_kind_string:
+		result = JS_NewString(context, (const char*)work->value);
+		tf_free(work->value);
+		break;
+	}
+
+	JSValue error = JS_Call(context, work->promise[0], JS_UNDEFINED, 1, &result);
+	tf_util_report_error(context, error);
+	JS_FreeValue(context, error);
+	JS_FreeValue(context, result);
+	JS_FreeValue(context, work->promise[0]);
+	JS_FreeValue(context, work->promise[1]);
+	JS_FreeCString(context, work->key);
+	tf_free(work);
+}
+
+static JSValue _tf_ssb_globalSettingsGet(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
+{
+	tf_task_t* task = tf_task_get(context);
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	settings_get_t* work = tf_malloc(sizeof(settings_get_t));
+	*work = (settings_get_t) { .context = context, .key = JS_ToCString(context, argv[0]) };
+	JSValue result = JS_NewPromiseCapability(context, work->promise);
+	tf_ssb_run_work(ssb, _tf_ssb_settings_get_work, _tf_ssb_settings_get_after_work, work);
+	return result;
+}
+
 static JSValue _tf_api_register_imports(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
 {
 	JSValue imports = argv[0];
 	JSValue process = argv[1];
 	JSValue core = JS_GetPropertyStr(context, imports, "core");
 	JS_SetPropertyStr(context, core, "apps", JS_NewCFunctionData(context, _tf_api_core_apps, 1, 0, 1, &process));
+	JS_SetPropertyStr(context, core, "register", JS_NewCFunctionData(context, _tf_api_core_register, 2, 0, 1, &process));
+	JS_SetPropertyStr(context, core, "unregister", JS_NewCFunctionData(context, _tf_api_core_unregister, 2, 0, 1, &process));
+
+	JS_SetPropertyStr(context, core, "users", JS_NewCFunctionData(context, _tf_api_core_users, 0, 0, 1, &process));
+
+	JS_SetPropertyStr(context, core, "permissionsForUser", JS_NewCFunctionData(context, _tf_api_core_permissionsForUser, 1, 0, 1, &process));
+	JS_SetPropertyStr(context, core, "permissionsGranted", JS_NewCFunctionData(context, _tf_api_core_permissionsGranted, 0, 0, 1, &process));
+
+	JSValue app = JS_NewObject(context);
+	JS_SetPropertyStr(context, app, "owner", JS_GetPropertyStr(context, process, "packageOwner"));
+	JS_SetPropertyStr(context, app, "name", JS_GetPropertyStr(context, process, "packageName"));
+	JS_SetPropertyStr(context, core, "app", app);
+
+	JS_SetPropertyStr(context, core, "url", JS_GetPropertyStr(context, process, "url"));
+
+	JSValue ssb = JS_GetPropertyStr(context, imports, "ssb");
+	JS_SetPropertyStr(context, ssb, "getAllIdentities", JS_NewCFunction(context, _tf_ssb_getAllIdentities, "getAllIdentities", 0));
+	JS_SetPropertyStr(context, ssb, "getActiveIdentity", JS_NewCFunctionData(context, _tf_ssb_getActiveIdentity, 0, 0, 1, &process));
+	JS_SetPropertyStr(context, ssb, "getIdentities", JS_NewCFunctionData(context, _tf_ssb_getIdentities, 0, 0, 1, &process));
+	JS_SetPropertyStr(context, ssb, "getOwnerIdentities", JS_NewCFunctionData(context, _tf_ssb_getOwnerIdentities, 0, 0, 1, &process));
+	JS_FreeValue(context, ssb);
+
+	JSValue credentials = JS_GetPropertyStr(context, process, "credentials");
+	JSValue permissions = JS_IsObject(credentials) ? JS_GetPropertyStr(context, credentials, "permissions") : JS_UNDEFINED;
+	JSValue administration = JS_IsObject(permissions) ? JS_GetPropertyStr(context, permissions, "administration") : JS_UNDEFINED;
+	if (JS_ToBool(context, administration) > 0)
+	{
+		JS_SetPropertyStr(context, core, "globalSettingsDescriptions", JS_NewCFunction(context, _tf_ssb_globalSettingsDescriptions, "globalSettingsDescriptions", 0));
+		JS_SetPropertyStr(context, core, "globalSettingsGet", JS_NewCFunction(context, _tf_ssb_globalSettingsGet, "globalSettingsGet", 1));
+	}
+	JS_FreeValue(context, administration);
+	JS_FreeValue(context, permissions);
+	JS_FreeValue(context, credentials);
+
 	JS_FreeValue(context, core);
 	return JS_UNDEFINED;
 }
--- a/src/bcrypt.js.c
+++ b/src/bcrypt.js.c
@@ -1,42 +0,0 @@
-#include "bcrypt.js.h"
-
-#include "task.h"
-
-#include "ow-crypt.h"
-#include "quickjs.h"
-#include "uv.h"
-
-static JSValue _crypt_hashpw(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
-{
-	const char* key = JS_ToCString(context, argv[0]);
-	const char* salt = JS_ToCString(context, argv[1]);
-	char output[7 + 22 + 31 + 1];
-	char* hash = crypt_rn(key, salt, output, sizeof(output));
-	JSValue result = JS_NewString(context, hash);
-	JS_FreeCString(context, key);
-	JS_FreeCString(context, salt);
-	return result;
-}
-
-static JSValue _crypt_gensalt(JSContext* context, JSValueConst this_val, int argc, JSValueConst* argv)
-{
-	int length = 0;
-	JS_ToInt32(context, &length, argv[0]);
-	char buffer[16];
-	tf_task_t* task = tf_task_get(context);
-	size_t bytes = uv_random(tf_task_get_loop(task), &(uv_random_t) { 0 }, buffer, sizeof(buffer), 0, NULL) == 0 ? sizeof(buffer) : 0;
-	char output[7 + 22 + 1];
-	char* salt = crypt_gensalt_rn("$2b$", length, buffer, bytes, output, sizeof(output));
-	JSValue result = JS_NewString(context, salt);
-	return result;
-}
-
-void tf_bcrypt_register(JSContext* context)
-{
-	JSValue global = JS_GetGlobalObject(context);
-	JSValue bcrypt = JS_NewObject(context);
-	JS_SetPropertyStr(context, global, "bCrypt", bcrypt);
-	JS_SetPropertyStr(context, bcrypt, "hashpw", JS_NewCFunction(context, _crypt_hashpw, "hashpw", 2));
-	JS_SetPropertyStr(context, bcrypt, "gensalt", JS_NewCFunction(context, _crypt_gensalt, "gensalt", 1));
-	JS_FreeValue(context, global);
-}
--- a/src/bcrypt.js.h
+++ b/src/bcrypt.js.h
@@ -1,19 +0,0 @@
-#pragma once
-
-/**
-** \defgroup bcrypt_js bCrypt
-** Exposes bcrypt to script, where it is used for hashing and verifying
-** passwords.
-** @{
-*/
-
-/** A JS context. */
-typedef struct JSContext JSContext;
-
-/**
-** Register the bcrypt script interface.
-** @param context The JS context.
-*/
-void tf_bcrypt_register(JSContext* context);
-
-/** @} */
--- a/src/http.c
+++ b/src/http.c
@@ -2,7 +2,6 @@

 #include "log.h"
 #include "mem.h"
-#include "tls.h"
 #include "trace.h"
 #include "util.js.h"

@@ -20,10 +19,12 @@

 static const int k_timeout_ms = 60000;

+static tf_http_t** s_http_instances;
+int s_http_instance_count;
+
 typedef struct _tf_http_connection_t
 {
 	tf_http_t* http;
-	tf_tls_session_t* tls;
 	uv_tcp_t tcp;
 	uv_shutdown_t shutdown;
 	uv_timer_t timeout;
@@ -75,7 +76,6 @@ typedef struct _tf_http_handler_t
 typedef struct _tf_http_listener_t
 {
 	tf_http_t* http;
-	tf_tls_context_t* tls;
 	uv_tcp_t tcp;
 	tf_http_cleanup_t* cleanup;
 	void* user_data;
@@ -106,7 +106,6 @@ typedef struct _tf_http_t
 static const char* _http_connection_get_header(const tf_http_connection_t* connection, const char* name);
 static void _http_connection_destroy(tf_http_connection_t* connection, const char* reason);
 static void _http_timer_reset(tf_http_connection_t* connection);
-static void _http_tls_update(tf_http_connection_t* connection);
 static void _http_builtin_404_handler(tf_http_request_t* request);

 tf_http_t* tf_http_create(uv_loop_t* loop)
@@ -115,6 +114,8 @@ tf_http_t* tf_http_create(uv_loop_t* loop)
 	*http = (tf_http_t) {
 		.loop = loop,
 	};
+	s_http_instances = tf_resize_vec(s_http_instances, sizeof(tf_http_t*) * (s_http_instance_count + 1));
+	s_http_instances[s_http_instance_count++] = http;
 	return http;
 }

@@ -255,11 +256,6 @@ static void _http_connection_destroy(tf_http_connection_t* connection, const cha
 	{
 		uv_close((uv_handle_t*)&connection->timeout, _http_connection_on_close);
 	}
-	if (connection->tls)
-	{
-		tf_tls_session_destroy(connection->tls);
-		connection->tls = NULL;
-	}

 	if (connection->ref_count == 0 && !connection->tcp.data && !connection->shutdown.data && !connection->timeout.data)
 	{
@@ -441,7 +437,6 @@ static void _http_add_body_bytes(tf_http_connection_t* connection, const void* d
 			*request = (tf_http_request_t) {
 				.http = connection->http,
 				.connection = connection,
-				.is_tls = connection->tls != NULL,
 				.method = connection->method,
 				.path = connection->path,
 				.query = connection->query,
@@ -582,21 +577,7 @@ static void _http_on_read(uv_stream_t* stream, ssize_t read_size, const uv_buf_t
 	_http_timer_reset(connection);
 	if (read_size > 0)
 	{
-		if (connection->tls)
-		{
-			if (tf_tls_session_write_encrypted(connection->tls, buffer->base, read_size) < 0)
-			{
-				_http_connection_destroy(connection, "tf_tls_session_write_encrypted");
-			}
-			else
-			{
-				_http_tls_update(connection);
-			}
-		}
-		else
-		{
-			_http_on_read_plain(connection, buffer->base, read_size);
-		}
+		_http_on_read_plain(connection, buffer->base, read_size);
 	}
 	else if (read_size < 0)
 	{
@@ -638,17 +619,6 @@ static void _http_on_connection(uv_stream_t* stream, int status)

 	tf_http_connection_t* connection = tf_malloc(sizeof(tf_http_connection_t));
 	*connection = (tf_http_connection_t) { .http = http, .tcp = { .data = connection }, .is_receiving_headers = true };
-	if (listener->tls)
-	{
-		connection->tls = tf_tls_context_create_session(listener->tls);
-		if (!connection->tls)
-		{
-			_http_connection_destroy(connection, "tf_tls_context_create_session");
-			return;
-		}
-		tf_tls_session_start_accept(connection->tls);
-		connection->is_handshaking = true;
-	}
 	int r = uv_tcp_init(connection->http->loop, &connection->tcp);
 	if (r)
 	{
@@ -689,21 +659,15 @@ static void _http_on_connection(uv_stream_t* stream, int status)
 		return;
 	}

-	if (connection->tls)
-	{
-		_http_tls_update(connection);
-	}
-
 	http->connections = tf_resize_vec(http->connections, sizeof(tf_http_connection_t*) * (http->connections_count + 1));
 	http->connections[http->connections_count++] = connection;
 }

-int tf_http_listen(tf_http_t* http, int port, bool local_only, tf_tls_context_t* tls, tf_http_cleanup_t* cleanup, void* user_data)
+int tf_http_listen(tf_http_t* http, int port, bool local_only, tf_http_cleanup_t* cleanup, void* user_data)
 {
 	tf_http_listener_t* listener = tf_malloc(sizeof(tf_http_listener_t));
 	*listener = (tf_http_listener_t) {
 		.http = http,
-		.tls = tls,
 		.tcp = { .data = listener },
 		.cleanup = cleanup,
 		.user_data = user_data,
@@ -872,6 +836,21 @@ void tf_http_destroy(tf_http_t* http)
 		http->handlers_count = 0;

 		tf_free(http);
+
+		for (int i = 0; i < s_http_instance_count; i++)
+		{
+			if (s_http_instances[i] == http)
+			{
+				s_http_instances[i] = s_http_instances[--s_http_instance_count];
+				break;
+			}
+		}
+		if (s_http_instance_count == 0)
+		{
+			tf_free(s_http_instances);
+			s_http_instances = NULL;
+		}
+		tf_printf("http %p destroyed\n", http);
 	}
 	else
 	{
@@ -928,71 +907,10 @@ static void _http_write_internal(tf_http_connection_t* connection, const void* d
 	}
 }

-static void _http_tls_update(tf_http_connection_t* connection)
-{
-	bool again = true;
-	while (again)
-	{
-		again = false;
-
-		if (connection->is_handshaking && connection->tls)
-		{
-			switch (tf_tls_session_handshake(connection->tls))
-			{
-			case k_tls_handshake_done:
-				connection->is_handshaking = false;
-				break;
-			case k_tls_handshake_more:
-				break;
-			case k_tls_handshake_failed:
-				_http_connection_destroy(connection, "tf_tls_session_handshake");
-				return;
-			}
-		}
-
-		/* Maybe we became disconnected and cleaned up our TLS session. */
-		if (connection->tls)
-		{
-			char buffer[8192];
-			int r = tf_tls_session_read_encrypted(connection->tls, buffer, sizeof(buffer));
-			if (r > 0)
-			{
-				_http_write_internal(connection, buffer, r);
-				again = true;
-			}
-		}
-
-		if (connection->tls)
-		{
-			char buffer[8192];
-			int r = tf_tls_session_read_plain(connection->tls, buffer, sizeof(buffer));
-			if (r > 0)
-			{
-				_http_on_read_plain(connection, buffer, r);
-				again = true;
-			}
-		}
-	}
-}
-
 static void _http_write(tf_http_connection_t* connection, const void* data, size_t size)
 {
 	_http_timer_reset(connection);
-	if (connection->tls)
-	{
-		int r = tf_tls_session_write_plain(connection->tls, data, size);
-		if (r < (ssize_t)size)
-		{
-			char buffer[8192];
-			tf_tls_session_get_error(connection->tls, buffer, sizeof(buffer));
-			tf_printf("tf_tls_session_write_plain: %s\n", buffer);
-		}
-		_http_tls_update(connection);
-	}
-	else
-	{
-		_http_write_internal(connection, data, size);
-	}
+	_http_write_internal(connection, data, size);
 }

 void tf_http_request_websocket_send(tf_http_request_t* request, int op_code, const void* data, size_t size)
@@ -1215,3 +1133,19 @@ const char* tf_http_get_cookie(const char* cookie_header, const char* name)
 	}
 	return NULL;
 }
+
+void tf_http_debug_destroy()
+{
+	for (int i = 0; i < s_http_instance_count; i++)
+	{
+		tf_http_t* http = s_http_instances[i];
+		tf_printf("http %p[%d]\n", http, i);
+		tf_printf("  connections = %d\n", http->connections_count);
+		for (int j = 0; j < http->connections_count; j++)
+		{
+			tf_http_connection_t* connection = http->connections[j];
+			tf_printf("    connection %p[%d] %s tcp=%p timeout=%p shutdown=%p rc=%d\n", connection, j, connection->trace_name, connection->tcp.data, connection->timeout.data,
+				connection->shutdown.data, connection->ref_count);
+		}
+	}
+}
--- a/src/http.h
+++ b/src/http.h
@@ -23,9 +23,6 @@ typedef struct _tf_http_request_t tf_http_request_t;
 /** An HTTP instance. */
 typedef struct _tf_http_t tf_http_t;

-/** A TLS context. */
-typedef struct _tf_tls_context_t tf_tls_context_t;
-
 /** A trace instance. */
 typedef struct _tf_trace_t tf_trace_t;

@@ -68,8 +65,6 @@ typedef struct _tf_http_request_t
 	tf_http_t* http;
 	/** The HTTP connection associated with this request. */
 	tf_http_connection_t* connection;
-	/** True if this is an HTTPS session. */
-	bool is_tls;
 	/** The HTTP method of the request (GET/POST/...). */
 	const char* method;
 	/** The HTTP request path. */
@@ -117,12 +112,11 @@ void tf_http_set_trace(tf_http_t* http, tf_trace_t* trace);
 ** @param http The HTTP instance.
 ** @param port The port on which to listen, or 0 to assign a free port.
 ** @param local_only Only access connections on localhost, otherwise any address.
-** @param tls An optional TLS context to use for HTTPS requests.
 ** @param cleanup A function called when the HTTP instance is being cleaned up.
 ** @param user_data User data passed to the cleanup callback.
 ** @return The port number on which the HTTP instance is now listening.
 */
-int tf_http_listen(tf_http_t* http, int port, bool local_only, tf_tls_context_t* tls, tf_http_cleanup_t* cleanup, void* user_data);
+int tf_http_listen(tf_http_t* http, int port, bool local_only, tf_http_cleanup_t* cleanup, void* user_data);

 /**
 ** Add an HTTP request handler.
@@ -238,4 +232,9 @@ const char* tf_http_status_text(int status);
 */
 bool tf_http_pattern_matches(const char* pattern, const char* path);

+/**
+** Log debug information to diagnose shutdown problems.
+*/
+void tf_http_debug_destroy();
+
 /** @} */
--- a/src/httpd.js.c
+++ b/src/httpd.js.c
@@ -4,9 +4,9 @@
 #include "http.h"
 #include "log.h"
 #include "mem.h"
+#include "sha1.h"
 #include "ssb.db.h"
 #include "task.h"
-#include "tls.h"
 #include "trace.h"
 #include "util.js.h"
 #include "version.h"
@@ -14,13 +14,17 @@
 #include "sodium/crypto_sign.h"
 #include "sodium/utils.h"

-#include <openssl/sha.h>
+#if defined(__APPLE__)
+#include <TargetConditionals.h>
+#endif

 #define CYAN "\e[1;36m"
 #define MAGENTA "\e[1;35m"
 #define YELLOW "\e[1;33m"
 #define RESET "\e[0m"

+static const int k_eula_version = 1;
+
 static JSClassID _httpd_request_class_id;

 typedef struct _http_user_data_t
@@ -169,8 +173,13 @@ static JSValue _httpd_websocket_upgrade(JSContext* context, JSValueConst this_va
 		uint8_t* key_magic = alloca(size);
 		memcpy(key_magic, header_sec_websocket_key, key_length);
 		memcpy(key_magic + key_length, k_magic, 36);
+
 		uint8_t digest[20];
-		SHA1(key_magic, size, digest);
+		SHA1_CTX sha1 = { 0 };
+		SHA1Init(&sha1);
+		SHA1Update(&sha1, key_magic, size);
+		SHA1Final(digest, &sha1);
+
 		char key[41] = { 0 };
 		tf_base64_encode(digest, sizeof(digest), key, sizeof(key));

@@ -253,11 +262,6 @@ JSValue tf_httpd_make_response_object(JSContext* context, tf_http_request_t* req

 bool tf_httpd_redirect(tf_http_request_t* request)
 {
-	if (request->is_tls)
-	{
-		return false;
-	}
-
 	http_user_data_t* user_data = tf_http_get_user_data(request->http);
 	if (!user_data || !*user_data->redirect)
 	{
@@ -272,16 +276,12 @@ bool tf_httpd_redirect(tf_http_request_t* request)

 typedef struct _httpd_listener_t
 {
-	tf_tls_context_t* tls;
+	int padding;
 } httpd_listener_t;

 static void _httpd_listener_cleanup(void* user_data)
 {
 	httpd_listener_t* listener = user_data;
-	if (listener->tls)
-	{
-		tf_tls_context_destroy(listener->tls);
-	}
 	tf_free(listener);
 }

@@ -570,7 +570,7 @@ static void _httpd_endpoint_add_slash(tf_http_request_t* request)
 		host = tf_http_request_get_header(request, "host");
 	}
 	char url[1024];
-	snprintf(url, sizeof(url), "%s%s%s/", request->is_tls ? "https://" : "http://", host, request->path);
+	snprintf(url, sizeof(url), "%s%s%s/", "http://", host, request->path);
 	const char* headers[] = {
 		"Location",
 		url,
@@ -622,28 +622,97 @@ tf_httpd_user_app_t* tf_httpd_parse_user_app_from_path(const char* path, const c
 	return result;
 }

-static void _httpd_endpoint_root_callback(const char* path, void* user_data)
+typedef struct _root_t
 {
-	tf_http_request_t* request = user_data;
-	const char* headers[] = {
-		"Location",
-		path ? path : "/~core/apps/",
-	};
-	tf_http_respond(request, 303, headers, tf_countof(headers) / 2, NULL, 0);
-	tf_http_request_unref(request);
-}
+	tf_http_request_t* request;
+	const char* path;
+} root_t;

-static void _httpd_endpoint_root(tf_http_request_t* request)
+static void _httpd_root_work(tf_ssb_t* ssb, void* user_data)
 {
+	root_t* root = user_data;
+	tf_http_request_t* request = root->request;
 	const char* host = tf_http_request_get_header(request, "x-forwarded-host");
 	if (!host)
 	{
 		host = tf_http_request_get_header(request, "host");
 	}
+
+	bool require_eula =
+#if TARGET_OS_IPHONE
+		true;
+#else
+		false;
+#endif
+
+	int64_t accepted_eula_version = 0;
+
+	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
+	tf_ssb_db_get_global_setting_int64(db, "accepted_eula_version", &accepted_eula_version);
+	if (require_eula && accepted_eula_version != k_eula_version)
+	{
+		root->path = tf_strdup("/static/eula.html");
+	}
+	else
+	{
+		root->path = tf_ssb_db_resolve_index(db, host);
+	}
+	tf_ssb_release_db_reader(ssb, db);
+}
+
+static void _httpd_root_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	root_t* root = user_data;
+	tf_http_request_t* request = root->request;
+	const char* headers[] = {
+		"Location",
+		root->path ? root->path : "/~core/apps/",
+	};
+	tf_http_respond(request, 303, headers, tf_countof(headers) / 2, NULL, 0);
+	tf_http_request_unref(request);
+	tf_free((void*)root->path);
+	tf_free(root);
+}
+
+static void _httpd_endpoint_root(tf_http_request_t* request)
+{
+	root_t* root = tf_malloc(sizeof(root_t));
+	*root = (root_t) {
+		.request = request,
+	};
+	tf_http_request_ref(request);
 	tf_task_t* task = request->user_data;
 	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	tf_ssb_run_work(ssb, _httpd_root_work, _httpd_root_after_work, root);
+}
+
+static void _httpd_accept_eula_work(tf_ssb_t* ssb, void* user_data)
+{
+	char buffer[64];
+	snprintf(buffer, sizeof(buffer), "%d", k_eula_version);
+
+	sqlite3* db = tf_ssb_acquire_db_writer(ssb);
+	tf_ssb_db_set_global_setting_from_string(db, "accepted_eula_version", buffer);
+	tf_ssb_release_db_writer(ssb, db);
+}
+
+static void _httpd_accept_eula_after_work(tf_ssb_t* ssb, int status, void* user_data)
+{
+	tf_http_request_t* request = user_data;
+	const char* headers[] = {
+		"Location",
+		"/",
+	};
+	tf_http_respond(request, 303, headers, tf_countof(headers) / 2, NULL, 0);
+	tf_http_request_unref(request);
+}
+
+static void _httpd_endpoint_accept_eula(tf_http_request_t* request)
+{
 	tf_http_request_ref(request);
-	tf_ssb_db_resolve_index_async(ssb, host, _httpd_endpoint_root_callback, request);
+	tf_task_t* task = request->user_data;
+	tf_ssb_t* ssb = tf_task_get_ssb(task);
+	tf_ssb_run_work(ssb, _httpd_accept_eula_work, _httpd_accept_eula_after_work, request);
 }

 static void _httpd_endpoint_robots_txt(tf_http_request_t* request)
@@ -856,31 +925,6 @@ bool tf_httpd_is_name_valid(const char* name)
 	return true;
 }

-static void _httpd_free_user_data(void* user_data)
-{
-	tf_free(user_data);
-}
-
-static const char* _httpd_read_file(tf_task_t* task, const char* path)
-{
-	const char* actual = tf_task_get_path_with_root(task, path);
-	const size_t k_max_read = 8 * 1024 * 1024;
-	char* result = NULL;
-	char* buffer = tf_malloc(k_max_read);
-	FILE* file = fopen(actual, "rb");
-	if (file)
-	{
-		size_t size = fread(buffer, 1, k_max_read, file);
-		result = tf_malloc(size + 1);
-		memcpy(result, buffer, size);
-		result[size] = '\0';
-		fclose(file);
-	}
-	tf_free(buffer);
-	tf_free((char*)actual);
-	return result;
-}
-
 void tf_httpd_register(JSContext* context)
 {
 	JS_NewClassID(&_httpd_request_class_id);
@@ -909,41 +953,18 @@ tf_http_t* tf_httpd_create(JSContext* context)
 	tf_http_set_trace(http, tf_task_get_trace(task));

 	int64_t http_port = 0;
-	int64_t https_port = 0;
 	char out_http_port_file[512] = "";
 	bool local_only = false;
 	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
 	tf_ssb_db_get_global_setting_int64(db, "http_port", &http_port);
-	tf_ssb_db_get_global_setting_int64(db, "https_port", &https_port);
 	tf_ssb_db_get_global_setting_string(db, "out_http_port_file", out_http_port_file, sizeof(out_http_port_file));
 	tf_ssb_db_get_global_setting_bool(db, "http_local_only", &local_only);
 	tf_ssb_release_db_reader(ssb, db);

-	if (https_port)
-	{
-		http_user_data_t* user_data = tf_http_get_user_data(http);
-		if (!user_data)
-		{
-			user_data = tf_malloc(sizeof(http_user_data_t));
-			memset(user_data, 0, sizeof(http_user_data_t));
-			tf_http_set_user_data(http, user_data, _httpd_free_user_data);
-		}
-		sqlite3* db = tf_ssb_acquire_db_reader(ssb);
-		tf_ssb_db_get_global_setting_string(db, "http_redirect", user_data->redirect, sizeof(user_data->redirect));
-		tf_ssb_release_db_reader(ssb, db);
-
-		/* Workaround. */
-		if (strcmp(user_data->redirect, "0") == 0)
-		{
-			*user_data->redirect = '\0';
-		}
-	}
-
 	tf_http_add_handler(http, "/", _httpd_endpoint_root, NULL, task);
 	tf_http_add_handler(http, "/codemirror/*", tf_httpd_endpoint_static, NULL, task);
 	tf_http_add_handler(http, "/lit/*", tf_httpd_endpoint_static, NULL, task);
 	tf_http_add_handler(http, "/prettier/*", tf_httpd_endpoint_static, NULL, task);
-	tf_http_add_handler(http, "/speedscope/*", tf_httpd_endpoint_static, NULL, task);
 	tf_http_add_handler(http, "/static/*", tf_httpd_endpoint_static, NULL, task);
 	tf_http_add_handler(http, "/.well-known/*", tf_httpd_endpoint_static, NULL, task);
 	tf_http_add_handler(http, "/&*.sha256", _httpd_endpoint_add_slash, NULL, task);
@@ -966,6 +987,7 @@ tf_http_t* tf_httpd_create(JSContext* context)
 	tf_http_add_handler(http, "/login/logout", tf_httpd_endpoint_logout, NULL, task);
 	tf_http_add_handler(http, "/login/auto", tf_httpd_endpoint_login_auto, NULL, task);
 	tf_http_add_handler(http, "/login", tf_httpd_endpoint_login, NULL, task);
+	tf_http_add_handler(http, "/eula/accept", _httpd_endpoint_accept_eula, NULL, task);

 	tf_http_add_handler(http, "/app/socket", tf_httpd_endpoint_app_socket, NULL, task);

@@ -973,7 +995,7 @@ tf_http_t* tf_httpd_create(JSContext* context)
 	{
 		httpd_listener_t* listener = tf_malloc(sizeof(httpd_listener_t));
 		*listener = (httpd_listener_t) { 0 };
-		int assigned_port = tf_http_listen(http, http_port, local_only, NULL, _httpd_listener_cleanup, listener);
+		int assigned_port = tf_http_listen(http, http_port, local_only, _httpd_listener_cleanup, listener);
 		tf_printf(CYAN "~😎 Tilde Friends" RESET " " YELLOW VERSION_NUMBER RESET " is now up at " MAGENTA "http://127.0.0.1:%d/" RESET ".\n", assigned_port);

 		if (*out_http_port_file)
@@ -992,26 +1014,6 @@ tf_http_t* tf_httpd_create(JSContext* context)
 			}
 			tf_free((char*)actual_http_port_file);
 		}
-
-		if (https_port)
-		{
-			const char* k_certificate = "data/httpd/certificate.pem";
-			const char* k_private_key = "data/httpd/privatekey.pem";
-			const char* certificate = _httpd_read_file(task, k_certificate);
-			const char* private_key = _httpd_read_file(task, k_private_key);
-			if (certificate && private_key)
-			{
-				tf_tls_context_t* tls = tf_tls_context_create();
-				tf_tls_context_set_certificate(tls, certificate);
-				tf_tls_context_set_private_key(tls, private_key);
-				httpd_listener_t* listener = tf_malloc(sizeof(httpd_listener_t));
-				*listener = (httpd_listener_t) { .tls = tls };
-				int assigned_port = tf_http_listen(http, https_port, local_only, tls, _httpd_listener_cleanup, listener);
-				tf_printf(CYAN "~😎 Tilde Friends" RESET " " YELLOW VERSION_NUMBER RESET " is now up at " MAGENTA "https://127.0.0.1:%d/" RESET ".\n", assigned_port);
-			}
-			tf_free((char*)certificate);
-			tf_free((char*)private_key);
-		}
 	}
 	return http;
 }
--- a/src/httpd.login.c
+++ b/src/httpd.login.c
@@ -37,11 +37,11 @@ typedef struct _login_request_t
 const char* tf_httpd_make_set_session_cookie_header(tf_http_request_t* request, const char* session_cookie)
 {
 	const char* k_pattern = "session=%s; path=/; Max-Age=%" PRId64 "; %sSameSite=Strict; HttpOnly";
-	int length = session_cookie ? snprintf(NULL, 0, k_pattern, session_cookie, k_httpd_auth_refresh_interval, request->is_tls ? "Secure; " : "") : 0;
+	int length = session_cookie ? snprintf(NULL, 0, k_pattern, session_cookie, k_httpd_auth_refresh_interval, "") : 0;
 	char* cookie = length ? tf_malloc(length + 1) : NULL;
 	if (cookie)
 	{
-		snprintf(cookie, length + 1, k_pattern, session_cookie, k_httpd_auth_refresh_interval, request->is_tls ? "Secure; " : "");
+		snprintf(cookie, length + 1, k_pattern, session_cookie, k_httpd_auth_refresh_interval, "");
 	}
 	return cookie;
 }
@@ -226,7 +226,7 @@ static void _httpd_endpoint_login_work(tf_ssb_t* ssb, void* user_data)
 		}
 		else
 		{
-			snprintf(login->location_header, sizeof(login->location_header), "%s%s/", request->is_tls ? "https://" : "http://", tf_http_request_get_header(request, "host"));
+			snprintf(login->location_header, sizeof(login->location_header), "%s%s/", "http://", tf_http_request_get_header(request, "host"));
 		}
 		goto done;
 	}
@@ -332,7 +332,7 @@ static void _httpd_endpoint_login_work(tf_ssb_t* ssb, void* user_data)
 		}
 		else
 		{
-			snprintf(login->location_header, sizeof(login->location_header), "%s%s/", request->is_tls ? "https://" : "http://", tf_http_request_get_header(request, "host"));
+			snprintf(login->location_header, sizeof(login->location_header), "%s%s/", "http://", tf_http_request_get_header(request, "host"));
 		}
 		login->set_cookie_header = tf_httpd_make_set_session_cookie_header(request, send_session);
 		tf_free((void*)send_session);
@@ -352,7 +352,7 @@ static void _httpd_endpoint_login_work(tf_ssb_t* ssb, void* user_data)
 		{
 			JSValue settings_value = JS_ParseJSON(context, login->settings, strlen(login->settings), NULL);
 			JSValue code_of_conduct_value = JS_GetPropertyStr(context, settings_value, "code_of_conduct");
-			const char* code_of_conduct = JS_ToCString(context, code_of_conduct_value);
+			const char* code_of_conduct = JS_IsString(code_of_conduct_value) ? JS_ToCString(context, code_of_conduct_value) : NULL;
 			const char* result = tf_strdup(code_of_conduct);
 			JS_FreeCString(context, code_of_conduct);
 			JS_FreeValue(context, code_of_conduct_value);
@@ -416,8 +416,7 @@ void tf_httpd_endpoint_login(tf_http_request_t* request)

 void tf_httpd_endpoint_logout(tf_http_request_t* request)
 {
-	const char* k_set_cookie = request->is_tls ? "session=; path=/; Secure; SameSite=Strict; expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly"
-											   : "session=; path=/; SameSite=Strict; expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly";
+	const char* k_set_cookie = "session=; path=/; SameSite=Strict; expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly";
 	const char* k_location_format = "/login%s%s";
 	int length = snprintf(NULL, 0, k_location_format, request->query ? "?" : "", request->query);
 	char* location = alloca(length + 1);
--- a/src/httpd.static.c
+++ b/src/httpd.static.c
@@ -124,6 +124,7 @@ void tf_httpd_endpoint_static(tf_http_request_t* request)

 	const char* k_static_files[] = {
 		"index.html",
+		"eula.html",
 		"client.js",
 		"tildefriends.svg",
 		"jszip.min.js",
@@ -137,7 +138,6 @@ void tf_httpd_endpoint_static(tf_http_request_t* request)
 		{ "/lit/", "deps/lit/" },
 		{ "/codemirror/", "deps/codemirror/" },
 		{ "/prettier/", "deps/prettier/" },
-		{ "/speedscope/", "deps/speedscope/" },
 		{ "/.well-known/", "data/global/.well-known/" },
 	};

--- a/src/ios.m
+++ b/src/ios.m
@@ -1,19 +1,28 @@
+#import <CoreSpotlight/CSSearchableIndex.h>
+#import <CoreSpotlight/CSSearchableItem.h>
+#import <CoreSpotlight/CSSearchableItemAttributeSet.h>
 #import <UIKit/UIKit.h>
+#import <WebKit/WKDownload.h>
+#import <WebKit/WKDownloadDelegate.h>
+#import <WebKit/WKNavigationAction.h>
 #import <WebKit/WKNavigationDelegate.h>
+#import <WebKit/WKNavigationResponse.h>
 #import <WebKit/WKUIDelegate.h>
 #import <WebKit/WKWebView.h>
 #import <WebKit/WKWebViewConfiguration.h>

 #include "log.h"
+#include "util.js.h"

 #include <libgen.h>
 #include <string.h>

 void tf_run_thread_start(const char* zip_path);

-@interface ViewController : UINavigationController <WKUIDelegate, WKNavigationDelegate>
+@interface ViewController : UINavigationController <WKUIDelegate, WKNavigationDelegate, WKDownloadDelegate, UIDocumentPickerDelegate>
@property (strong, nonatomic) WKWebView* web_view;
@property bool initial_load_complete;
+@property (retain) NSURL* download_url;
@end

 static void _start_initial_load(WKWebView* web_view)
@@ -26,20 +35,17 @@ static void _start_initial_load(WKWebView* web_view)
 {
 	[super viewDidLoad];

-	[self setToolbarHidden:false animated:false];
-	self.toolbar.items = @[
-		[[UIBarButtonItem alloc] initWithTitle:@"Back" style:UIBarButtonItemStylePlain target:self action:@selector(goBack)],
-		[[UIBarButtonItem alloc] initWithTitle:@"Forward" style:UIBarButtonItemStylePlain target:self action:@selector(goForward)],
-		[[UIBarButtonItem alloc] initWithTitle:@"Refresh" style:UIBarButtonItemStylePlain target:self action:@selector(reload)]
-	];
-
 	WKWebViewConfiguration* configuration = [[WKWebViewConfiguration alloc] init];
 	self.web_view = [[WKWebView alloc] initWithFrame:self.view.frame configuration:configuration];
 	self.web_view.UIDelegate = self;
 	self.web_view.navigationDelegate = self;
 	self.web_view.autoresizingMask = UIViewAutoresizingFlexibleHeight | UIViewAutoresizingFlexibleWidth;
 	self.web_view.translatesAutoresizingMaskIntoConstraints = false;
+	self.web_view.allowsBackForwardNavigationGestures = true;
 	[self.view addSubview:self.web_view];
+	UIRefreshControl* refresh = [[UIRefreshControl alloc] init];
+	[refresh addTarget:self action:@selector(handleRefresh:) forControlEvents:UIControlEventValueChanged];
+	self.web_view.scrollView.refreshControl = refresh;

 	[self.view addConstraint:[NSLayoutConstraint constraintWithItem:self.web_view attribute:NSLayoutAttributeTop relatedBy:NSLayoutRelationEqual toItem:self.view
 														  attribute:NSLayoutAttributeTop
@@ -61,30 +67,21 @@ static void _start_initial_load(WKWebView* web_view)
 	_start_initial_load(self.web_view);
 }

- (void)goBack
-{
-	if (self.web_view.canGoBack)
-	{
-		[self.web_view goBack];
-	}
-}
-
- (void)goForward
-{
-	if (self.web_view.canGoForward)
-	{
-		[self.web_view goForward];
-	}
-}
-
- (void)reload
+- (void)handleRefresh:(id)sender
 {
+	tf_printf("refresh\n");
 	[self.web_view reload];
 }

 - (void)webView:(WKWebView*)webView didFinishNavigation:(WKNavigation*)navigation
 {
-	self.initial_load_complete = true;
+	if (!self.initial_load_complete)
+	{
+		tf_printf("initial load complete\n");
+		self.initial_load_complete = true;
+	}
+	self.navigationController.interactivePopGestureRecognizer.enabled = self.web_view.canGoBack;
+	[self.web_view.scrollView.refreshControl endRefreshing];
 }

 - (void)webView:(WKWebView*)webView didFailProvisionalNavigation:(WKNavigation*)navigation withError:(NSError*)error
@@ -133,6 +130,59 @@ static void _start_initial_load(WKWebView* web_view)
 	[alertController addAction:[UIAlertAction actionWithTitle:@"Cancel" style:UIAlertActionStyleCancel handler:^(UIAlertAction* action) { completionHandler(nil); }]];
 	[self presentViewController:alertController animated:YES completion:^ {}];
 }
+
+- (void)webView:(WKWebView*)webView decidePolicyForNavigationAction:(WKNavigationAction*)navigationAction decisionHandler:(void (^)(enum WKNavigationActionPolicy))decisionHandler
+{
+	decisionHandler(navigationAction.shouldPerformDownload ? WKNavigationActionPolicyDownload : WKNavigationActionPolicyAllow);
+}
+
+- (void)webView:(WKWebView*)webView
+	decidePolicyForNavigationResponse:(WKNavigationResponse*)navigationResponse
+					  decisionHandler:(void (^)(enum WKNavigationResponsePolicy))decisionHandler
+{
+	decisionHandler(navigationResponse.canShowMIMEType ? WKNavigationResponsePolicyAllow : WKNavigationResponsePolicyDownload);
+}
+
+- (void)webView:(WKWebView*)webView navigationAction:(WKNavigationAction*)navigationAction didBecomeDownload:(WKDownload*)download
+{
+	download.delegate = self;
+}
+
+- (void)webView:(WKWebView*)webView navigationResponse:(WKNavigationResponse*)navigationResponse didBecomeDownload:(WKDownload*)download
+{
+	download.delegate = self;
+}
+
+- (void)download:(WKDownload*)download
+	decideDestinationUsingResponse:(NSURLResponse*)response
+				 suggestedFilename:(NSString*)suggestedFilename
+				 completionHandler:(void (^)(NSURL*))completionHandler
+{
+	self.download_url = [[NSURL fileURLWithPath:NSTemporaryDirectory()] URLByAppendingPathComponent:suggestedFilename];
+	completionHandler(self.download_url);
+}
+
+- (void)downloadDidFinish:(WKDownload*)download
+{
+	UIDocumentPickerViewController* picker = [[UIDocumentPickerViewController alloc] initForExportingURLs:@[ self.download_url ]];
+	picker.delegate = self;
+	[self presentViewController:picker animated:YES completion:nil];
+}
+
+- (void)download:(WKDownload*)download didFailWithError:(NSError*)error resumeData:(NSData*)resumeData
+{
+	tf_printf("download didFailWithError:%s\n", [error.localizedDescription UTF8String]);
+}
+
+- (void)documentPicker:(UIDocumentPickerViewController*)controller didPickDocumentAtURLs:(NSArray<NSURL*>*)urls
+{
+	[[NSFileManager defaultManager] removeItemAtURL:self.download_url error:nil];
+}
+
+- (void)documentPickerWasCancelled:(UIDocumentPickerViewController*)controller
+{
+	[[NSFileManager defaultManager] removeItemAtURL:self.download_url error:nil];
+}
@end

@interface AppDelegate : UIResponder <UIApplicationDelegate>
@@ -148,8 +198,50 @@ static void _start_initial_load(WKWebView* web_view)
 	[self.window makeKeyAndVisible];
 	return YES;
 }
+
+- (BOOL)application:(UIApplication*)application
+	continueUserActivity:(NSUserActivity*)activity
+	  restorationHandler:(void (^)(NSArray<id<UIUserActivityRestoring>>*))restorationHandler
+{
+	if ([activity.activityType isEqual:CSSearchableItemActionType])
+	{
+		const char* identifier = [[activity.userInfo valueForKey:CSSearchableItemActivityIdentifier] UTF8String];
+		tf_printf("Jumping to search result: %s.\n", identifier);
+
+		char url[1024];
+		snprintf(url, sizeof(url), "http://localhost:12345/~core/ssb/#%s", identifier);
+		tf_printf("Navigating to %s.", url);
+		ViewController* view_controller = (ViewController*)self.window.rootViewController;
+		[view_controller.web_view loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithUTF8String:url]]]];
+	}
+	else
+	{
+		tf_printf("no search\n");
+	}
+	return NO;
+}
@end

+void tf_notify_message_added_ios(const char* identifier, const char* title, const char* content)
+{
+	tf_printf("indexing: identifier=%s title=%s content=%s\n", identifier, title, content);
+	CSSearchableItemAttributeSet* attribute_set = [[CSSearchableItemAttributeSet alloc] initWithContentType:UTTypeText];
+	attribute_set.title = [NSString stringWithUTF8String:content];
+	attribute_set.contentDescription = [NSString stringWithUTF8String:title];
+	CSSearchableItem* item = [[CSSearchableItem alloc] initWithUniqueIdentifier:[NSString stringWithUTF8String:identifier] domainIdentifier:@"com.unprompted.tildefriends.messages"
+																   attributeSet:attribute_set];
+	[[CSSearchableIndex defaultSearchableIndex] indexSearchableItems:@[ item ] completionHandler:^(NSError* _Nullable error) {
+		if (error)
+		{
+			tf_printf("indexing error: %s.\n", [error.localizedDescription UTF8String]);
+		}
+		else
+		{
+			tf_printf("indexed successfully.\n");
+		}
+	}];
+}
+
 int main(int argc, char* argv[])
 {
 	NSFileManager* file_manager = [NSFileManager defaultManager];
--- a/src/ios/Info.plist
+++ b/src/ios/Info.plist
@@ -13,19 +13,19 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>0.2025.8</string>
+	<string>0.2025.11</string>
 	<key>CFBundleSupportedPlatforms</key>
 	<array>
 		<string>iPhoneOS</string>
 	</array>
 	<key>CFBundleVersion</key>
-	<string>16</string>
+	<string>26</string>
 	<key>DTPlatformName</key>
 	<string>iphoneos</string>
 	<key>LSRequiresIPhoneOS</key>
 	<true/>
 	<key>MinimumOSVersion</key>
-	<string>14.0</string>
+	<string>14.5</string>
 	<key>UIDeviceFamily</key>
 	<array>
 		<integer>1</integer>
@@ -83,5 +83,13 @@
 	</dict>
 	<key>ITSAppUsesNonExemptEncryption</key>
 	<false/>
+	<key>NSCameraUsageDescription</key>
+	<string>Camera access is used to take pictures to add to posts.</string>
+	<key>NSMicrophoneUsageDescription</key>
+	<string>Microphone access is used to capture audio to add to posts.</string>
+	<key>NSPhotoLibraryUsageDescription</key>
+	<string>Photo library access is used to select images to add to posts.</string>
+	<key>NSDownlodasFolderUsageDescription</key>
+	<string>Downloads folder access is used to export and import apps.</string>
 </dict>
 </plist>
--- a/src/ios/tildefriends512.png
+++ b/src/ios/tildefriends512.png
--- a/src/log.h
+++ b/src/log.h
@@ -17,12 +17,15 @@
 #include <TargetConditionals.h>
 #if TARGET_OS_IPHONE
 #include <os/log.h>
+#include <stdio.h>
 #define tf_printf(...) \
 	do \
 	{ \
 		char buffer##__LINE__[2048]; \
 		snprintf(buffer##__LINE__, sizeof(buffer##__LINE__), __VA_ARGS__); \
 		os_log(OS_LOG_DEFAULT, "%{public}s", buffer##__LINE__); \
+		fputs(buffer##__LINE__, stdout); \
+		fflush(stdout); \
 	} while (0)
 #else
 #include <stdio.h>
--- a/src/main.c
+++ b/src/main.c
@@ -1502,13 +1502,11 @@ static int _tf_run_task(const tf_run_args_t* args, int index)
 	tf_ssb_t* ssb = tf_task_get_ssb(task);
 	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
 	int64_t http_port = 0;
-	int64_t https_port = 0;
 	char out_http_port_file[512] = "";
 	tf_ssb_db_get_global_setting_int64(db, "http_port", &http_port);
-	tf_ssb_db_get_global_setting_int64(db, "https_port", &https_port);
 	tf_ssb_db_get_global_setting_string(db, "out_http_port_file", out_http_port_file, sizeof(out_http_port_file));
 	tf_ssb_release_db_reader(ssb, db);
-	if (http_port || https_port || *out_http_port_file)
+	if (http_port || *out_http_port_file)
 	{
 		if (args->zip)
 		{
@@ -1578,28 +1576,28 @@ static void _shed_privileges()
 	if (setrlimit(RLIMIT_FSIZE, &zeroLimit) != 0)
 	{
 		perror("setrlimit(RLIMIT_FSIZE, {0, 0})");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 	if (setrlimit(RLIMIT_NOFILE, &zeroLimit) != 0)
 	{
 		perror("setrlimit(RLIMIT_NOFILE, {0, 0})");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 	if (setrlimit(RLIMIT_NPROC, &zeroLimit) != 0)
 	{
 		perror("setrlimit(RLIMIT_NPROC, {0, 0})");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 #if !defined(__MACH__) && !defined(__OpenBSD__)
 	if (setrlimit(RLIMIT_LOCKS, &zeroLimit) != 0)
 	{
 		perror("setrlimit(RLIMIT_LOCKS, {0, 0})");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 	if (setrlimit(RLIMIT_MSGQUEUE, &zeroLimit) != 0)
 	{
 		perror("setrlimit(RLIMIT_MSGQUEUE, {0, 0})");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 #endif
 #endif
@@ -1609,12 +1607,12 @@ static void _shed_privileges()
 	if (unveil("/dev/null", "r") || unveil(NULL, NULL))
 	{
 		perror("unveil");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 	if (pledge("stdio unveil", NULL))
 	{
 		perror("pledge");
-		exit(-1);
+		exit(EXIT_FAILURE);
 	}
 #endif
 }
@@ -1831,7 +1829,7 @@ static void _error_handler(int sig)
 	const char* stack = tf_util_backtrace_string();
 	tf_printf("ERROR:\n%s\n", stack);
 	tf_free((void*)stack);
-	_exit(1);
+	_exit(EXIT_FAILURE);
 }

 #if defined(_WIN32)
@@ -1843,7 +1841,7 @@ static LONG WINAPI _win32_exception_handler(EXCEPTION_POINTERS* info)
 		const char* stack = tf_util_backtrace_string();
 		tf_printf("ERROR:\n%s\n", stack);
 		tf_free((void*)stack);
-		_exit(1);
+		_exit(EXIT_FAILURE);
 	}
 	return EXCEPTION_CONTINUE_SEARCH;
 }
@@ -1869,7 +1867,6 @@ static void _startup(int argc, char* argv[])
 	prctl(PR_SET_PDEATHSIG, SIGKILL);
 #endif
 	tf_mem_replace_uv_allocator();
-	tf_mem_replace_tls_allocator();
 	tf_mem_replace_sqlite_allocator();
 	uv_setup_args(argc, argv);
 	tf_taskstub_startup();
--- a/src/mem.c
+++ b/src/mem.c
@@ -7,8 +7,6 @@
 #include "sqlite3.h"
 #include "uv.h"

-#include <openssl/crypto.h>
-
 #include <stdbool.h>
 #include <string.h>

@@ -19,7 +17,6 @@ static bool s_mem_tracking;
 static tf_mem_node_t* s_mem_tracked;
 static int64_t s_tf_malloc_size;
 static int64_t s_uv_malloc_size;
-static int64_t s_tls_malloc_size;
 static int64_t s_js_malloc_size;
 static int64_t s_sqlite_malloc_size;

@@ -387,31 +384,6 @@ size_t tf_mem_get_uv_malloc_size()
 	return s_uv_malloc_size;
 }

-static void* _tf_tls_alloc(size_t size, const char* file, int line)
-{
-	return _tf_alloc(&s_tls_malloc_size, size);
-}
-
-static void* _tf_tls_realloc(void* ptr, size_t size, const char* file, int line)
-{
-	return _tf_realloc(&s_tls_malloc_size, ptr, size);
-}
-
-static void _tf_tls_free(void* ptr, const char* file, int line)
-{
-	_tf_free(&s_tls_malloc_size, ptr);
-}
-
-void tf_mem_replace_tls_allocator()
-{
-	CRYPTO_set_mem_functions(_tf_tls_alloc, _tf_tls_realloc, _tf_tls_free);
-}
-
-size_t tf_mem_get_tls_malloc_size()
-{
-	return s_tls_malloc_size;
-}
-
 void* tf_malloc(size_t size)
 {
 	return _tf_alloc(&s_tf_malloc_size, size);
--- a/src/mem.h
+++ b/src/mem.h
@@ -3,7 +3,7 @@
 /**
 ** \defgroup mem Memory management
 ** tf_malloc() and friends use malloc() behind the scenes but optionally
-** track memory per system (OpenSSL, sqlite, libuv, ...) and store callstacks
+** track memory per system (sqlite, libuv, ...) and store callstacks
 ** to help debug leaks.
 ** @{
 */
@@ -38,17 +38,6 @@ void tf_mem_replace_uv_allocator();
 */
 size_t tf_mem_get_uv_malloc_size();

-/**
-** Register a custom allocator with OpenSSL.
-*/
-void tf_mem_replace_tls_allocator();
-
-/**
-** Get the number of bytes currently allocated by OpenSSL.
-** @return The allocated size in bytes.
-*/
-size_t tf_mem_get_tls_malloc_size();
-
 /**
 ** Register a custom allocator with SQLite.
 */
--- a/src/sha1.c
+++ b/src/sha1.c
@@ -0,0 +1,329 @@
+/*
+ * SHA1 hash implementation and interface functions
+ * Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "sha1.h"
+
+#include <stddef.h>
+#include <string.h>
+
+/* ===== start - public domain SHA1 implementation ===== */
+
+/*
+SHA-1 in C
+By Steve Reid <sreid@sea-to-sky.net>
+100% Public Domain
+
+-----------------
+Modified 7/98
+By James H. Brown <jbrown@burgoyne.com>
+Still 100% Public Domain
+
+Corrected a problem which generated improper hash values on 16 bit machines
+Routine SHA1Update changed from
+	void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int
+len)
+to
+	void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned
+long len)
+
+The 'len' parameter was declared an int which works fine on 32 bit machines.
+However, on 16 bit machines an int is too small for the shifts being done
+against it.  This caused the hash function to generate incorrect values if len
+was greater than 8191 (8K - 1) due to the 'len << 3' on line 3 of SHA1Update().
+
+Since the file IO in main() reads 16K at a time, any file 8K or larger would be
+guaranteed to generate the wrong hash (e.g. Test Vector #3, a million "a"s).
+
+I also changed the declaration of variables i & j in SHA1Update to unsigned
+long from unsigned int for the same reason.
+
+These changes should make no difference to any 32 bit implementations since an
+int and a long are the same size in those environments.
+
+--
+I also corrected a few compiler warnings generated by Borland C.
+1. Added #include <process.h> for exit() prototype
+2. Removed unused variable 'j' in SHA1Final
+3. Changed exit(0) to return(0) at end of main.
+
+ALL changes I made can be located by searching for comments containing 'JHB'
+-----------------
+Modified 8/98
+By Steve Reid <sreid@sea-to-sky.net>
+Still 100% public domain
+
+1- Removed #include <process.h> and used return() instead of exit()
+2- Fixed overwriting of finalcount in SHA1Final() (discovered by Chris Hall)
+3- Changed email address from steve@edmweb.com to sreid@sea-to-sky.net
+
+-----------------
+Modified 4/01
+By Saul Kravitz <Saul.Kravitz@celera.com>
+Still 100% PD
+Modified to run on Compaq Alpha hardware.
+
+-----------------
+Modified 4/01
+By Jouni Malinen <j@w1.fi>
+Minor changes to match the coding style used in Dynamics.
+
+Modified September 24, 2004
+By Jouni Malinen <j@w1.fi>
+Fixed alignment issue in SHA1Transform when SHA1HANDSOFF is defined.
+
+-----------------
+Modified September 29, 2025
+By Cory McWilliams <cory@tildefriends.net>
+Adapted from
+https://web.mit.edu/freebsd/head/contrib/wpa/src/crypto/sha1-internal.c.
+Modified to build outside of FreeBSD.  Updated with clang-format.
+
+*/
+
+/*
+Test Vectors (from FIPS PUB 180-1)
+"abc"
+  A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+  84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+A million repetitions of "a"
+  34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
+*/
+
+#define SHA1HANDSOFF
+
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+
+/* blk0() and blk() perform the initial expand. */
+/* I got the idea of expanding during the round function from SSLeay */
+#ifndef WORDS_BIGENDIAN
+#define blk0(i) (block->l[i] = (rol(block->l[i], 24) & 0xFF00FF00) | (rol(block->l[i], 8) & 0x00FF00FF))
+#else
+#define blk0(i) block->l[i]
+#endif
+#define blk(i) (block->l[i & 15] = rol(block->l[(i + 13) & 15] ^ block->l[(i + 8) & 15] ^ block->l[(i + 2) & 15] ^ block->l[i & 15], 1))
+
+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
+#define R0(v, w, x, y, z, i) \
+	z += ((w & (x ^ y)) ^ y) + blk0(i) + 0x5A827999 + rol(v, 5); \
+	w = rol(w, 30);
+#define R1(v, w, x, y, z, i) \
+	z += ((w & (x ^ y)) ^ y) + blk(i) + 0x5A827999 + rol(v, 5); \
+	w = rol(w, 30);
+#define R2(v, w, x, y, z, i) \
+	z += (w ^ x ^ y) + blk(i) + 0x6ED9EBA1 + rol(v, 5); \
+	w = rol(w, 30);
+#define R3(v, w, x, y, z, i) \
+	z += (((w | x) & y) | (w & x)) + blk(i) + 0x8F1BBCDC + rol(v, 5); \
+	w = rol(w, 30);
+#define R4(v, w, x, y, z, i) \
+	z += (w ^ x ^ y) + blk(i) + 0xCA62C1D6 + rol(v, 5); \
+	w = rol(w, 30);
+
+#ifdef VERBOSE /* SAK */
+void SHAPrintContext(SHA1_CTX* context, char* msg)
+{
+	printf("%s (%d,%d) %x %x %x %x %x\n", msg, context->count[0], context->count[1], context->state[0], context->state[1], context->state[2], context->state[3], context->state[4]);
+}
+#endif
+
+/* Hash a single 512-bit block. This is the core of the algorithm. */
+
+void SHA1Transform(uint32_t state[5], const unsigned char buffer[64])
+{
+	uint32_t a, b, c, d, e;
+	typedef union
+	{
+		unsigned char c[64];
+		uint32_t l[16];
+	} CHAR64LONG16;
+	CHAR64LONG16* block;
+#ifdef SHA1HANDSOFF
+	CHAR64LONG16 workspace;
+	block = &workspace;
+	memcpy(block, buffer, 64);
+#else
+	block = (CHAR64LONG16*)buffer;
+#endif
+	/* Copy context->state[] to working vars */
+	a = state[0];
+	b = state[1];
+	c = state[2];
+	d = state[3];
+	e = state[4];
+	/* 4 rounds of 20 operations each. Loop unrolled. */
+	R0(a, b, c, d, e, 0);
+	R0(e, a, b, c, d, 1);
+	R0(d, e, a, b, c, 2);
+	R0(c, d, e, a, b, 3);
+	R0(b, c, d, e, a, 4);
+	R0(a, b, c, d, e, 5);
+	R0(e, a, b, c, d, 6);
+	R0(d, e, a, b, c, 7);
+	R0(c, d, e, a, b, 8);
+	R0(b, c, d, e, a, 9);
+	R0(a, b, c, d, e, 10);
+	R0(e, a, b, c, d, 11);
+	R0(d, e, a, b, c, 12);
+	R0(c, d, e, a, b, 13);
+	R0(b, c, d, e, a, 14);
+	R0(a, b, c, d, e, 15);
+	R1(e, a, b, c, d, 16);
+	R1(d, e, a, b, c, 17);
+	R1(c, d, e, a, b, 18);
+	R1(b, c, d, e, a, 19);
+	R2(a, b, c, d, e, 20);
+	R2(e, a, b, c, d, 21);
+	R2(d, e, a, b, c, 22);
+	R2(c, d, e, a, b, 23);
+	R2(b, c, d, e, a, 24);
+	R2(a, b, c, d, e, 25);
+	R2(e, a, b, c, d, 26);
+	R2(d, e, a, b, c, 27);
+	R2(c, d, e, a, b, 28);
+	R2(b, c, d, e, a, 29);
+	R2(a, b, c, d, e, 30);
+	R2(e, a, b, c, d, 31);
+	R2(d, e, a, b, c, 32);
+	R2(c, d, e, a, b, 33);
+	R2(b, c, d, e, a, 34);
+	R2(a, b, c, d, e, 35);
+	R2(e, a, b, c, d, 36);
+	R2(d, e, a, b, c, 37);
+	R2(c, d, e, a, b, 38);
+	R2(b, c, d, e, a, 39);
+	R3(a, b, c, d, e, 40);
+	R3(e, a, b, c, d, 41);
+	R3(d, e, a, b, c, 42);
+	R3(c, d, e, a, b, 43);
+	R3(b, c, d, e, a, 44);
+	R3(a, b, c, d, e, 45);
+	R3(e, a, b, c, d, 46);
+	R3(d, e, a, b, c, 47);
+	R3(c, d, e, a, b, 48);
+	R3(b, c, d, e, a, 49);
+	R3(a, b, c, d, e, 50);
+	R3(e, a, b, c, d, 51);
+	R3(d, e, a, b, c, 52);
+	R3(c, d, e, a, b, 53);
+	R3(b, c, d, e, a, 54);
+	R3(a, b, c, d, e, 55);
+	R3(e, a, b, c, d, 56);
+	R3(d, e, a, b, c, 57);
+	R3(c, d, e, a, b, 58);
+	R3(b, c, d, e, a, 59);
+	R4(a, b, c, d, e, 60);
+	R4(e, a, b, c, d, 61);
+	R4(d, e, a, b, c, 62);
+	R4(c, d, e, a, b, 63);
+	R4(b, c, d, e, a, 64);
+	R4(a, b, c, d, e, 65);
+	R4(e, a, b, c, d, 66);
+	R4(d, e, a, b, c, 67);
+	R4(c, d, e, a, b, 68);
+	R4(b, c, d, e, a, 69);
+	R4(a, b, c, d, e, 70);
+	R4(e, a, b, c, d, 71);
+	R4(d, e, a, b, c, 72);
+	R4(c, d, e, a, b, 73);
+	R4(b, c, d, e, a, 74);
+	R4(a, b, c, d, e, 75);
+	R4(e, a, b, c, d, 76);
+	R4(d, e, a, b, c, 77);
+	R4(c, d, e, a, b, 78);
+	R4(b, c, d, e, a, 79);
+	/* Add the working vars back into context.state[] */
+	state[0] += a;
+	state[1] += b;
+	state[2] += c;
+	state[3] += d;
+	state[4] += e;
+	/* Wipe variables */
+	a = b = c = d = e = 0;
+#ifdef SHA1HANDSOFF
+	memset(block, 0, 64);
+#endif
+}
+
+/* SHA1Init - Initialize new context */
+
+void SHA1Init(SHA1_CTX* context)
+{
+	/* SHA1 initialization constants */
+	context->state[0] = 0x67452301;
+	context->state[1] = 0xEFCDAB89;
+	context->state[2] = 0x98BADCFE;
+	context->state[3] = 0x10325476;
+	context->state[4] = 0xC3D2E1F0;
+	context->count[0] = context->count[1] = 0;
+}
+
+/* Run your data through this. */
+
+void SHA1Update(SHA1_CTX* context, const void* _data, uint32_t len)
+{
+	uint32_t i, j;
+	const unsigned char* data = _data;
+
+#ifdef VERBOSE
+	SHAPrintContext(context, "before");
+#endif
+	j = (context->count[0] >> 3) & 63;
+	if ((context->count[0] += len << 3) < (len << 3))
+		context->count[1]++;
+	context->count[1] += (len >> 29);
+	if ((j + len) > 63)
+	{
+		memcpy(&context->buffer[j], data, (i = 64 - j));
+		SHA1Transform(context->state, context->buffer);
+		for (; i + 63 < len; i += 64)
+		{
+			SHA1Transform(context->state, &data[i]);
+		}
+		j = 0;
+	}
+	else
+		i = 0;
+	memcpy(&context->buffer[j], &data[i], len - i);
+#ifdef VERBOSE
+	SHAPrintContext(context, "after ");
+#endif
+}
+
+/* Add padding and return the message digest. */
+
+void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
+{
+	uint32_t i;
+	unsigned char finalcount[8];
+
+	for (i = 0; i < 8; i++)
+	{
+		/* Endian independent */
+		finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] >> ((3 - (i & 3)) * 8)) & 255);
+	}
+	SHA1Update(context, (unsigned char*)"\200", 1);
+	while ((context->count[0] & 504) != 448)
+	{
+		SHA1Update(context, (unsigned char*)"\0", 1);
+	}
+	/* Should cause a SHA1Transform() */
+	SHA1Update(context, finalcount, 8);
+	for (i = 0; i < 20; i++)
+	{
+		digest[i] = (unsigned char)((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255);
+	}
+	/* Wipe variables */
+	i = 0;
+	memset(context->buffer, 0, 64);
+	memset(context->state, 0, 20);
+	memset(context->count, 0, 8);
+	memset(finalcount, 0, 8);
+}
+
+/* ===== end - public domain SHA1 implementation ===== */
--- a/src/sha1.h
+++ b/src/sha1.h
@@ -0,0 +1,71 @@
+/*
+ * SHA1 internal definitions
+ * Copyright (c) 2003-2005, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+/**
+** \defgroup sha1 SHA1
+** SHA1 API.
+** Adapted from
+** https://web.mit.edu/freebsd/head/contrib/wpa/src/crypto/sha1_i.h by Cory
+** McWilliams 2025-09-28.
+** @{
+*/
+
+#ifndef SHA1_I_H
+#define SHA1_I_H
+
+#include <inttypes.h>
+
+/**
+** SHA1 context struct.
+*/
+struct SHA1Context
+{
+	/** SHA1 state. */
+	uint32_t state[5];
+	/** SHA1 count. */
+	uint32_t count[2];
+	/** SHA1 buffer. */
+	unsigned char buffer[64];
+};
+
+/**
+** SHA1 context.
+*/
+typedef struct SHA1Context SHA1_CTX;
+
+/**
+** Initialize a SHA1 context.
+** @param context The context.
+*/
+void SHA1Init(struct SHA1Context* context);
+
+/**
+** Calculate an ongoing hash for a block of data.
+** @param context The SHA1 context.
+** @param data The data to hash.
+** @param len The length of data.
+*/
+void SHA1Update(struct SHA1Context* context, const void* data, uint32_t len);
+
+/**
+** Calculate the final hash digest.
+** @param digest Populated with the digest.
+** @param context The SHA1 context.
+*/
+void SHA1Final(unsigned char digest[20], struct SHA1Context* context);
+
+/**
+** Perform a SHA1 transformation.
+** @param state The SHA1 state.
+** @param buffer The data.
+*/
+void SHA1Transform(uint32_t state[5], const unsigned char buffer[64]);
+
+#endif /* SHA1_I_H */
+
+/** @} */
--- a/src/socket.js.c
+++ b/src/socket.js.c
--- a/src/socket.js.h
+++ b/src/socket.js.h
@@ -1,30 +0,0 @@
-#pragma once
-
-/**
-** \defgroup socket_js Socket Interface
-** Exposes network sockets to script.
-** @{
-*/
-
-#include "quickjs.h"
-
-/**
-** Register the socket script interface.
-** @param context The JS context.
-** @return The Socket constructor.
-*/
-JSValue tf_socket_register(JSContext* context);
-
-/**
-** Get the number of active socket objects.
-** @return The count.
-*/
-int tf_socket_get_count();
-
-/**
-** Get the number of connected socket objects.
-** @return the count.
-*/
-int tf_socket_get_open_count();
-
-/** @} */
--- a/src/ssb.c
+++ b/src/ssb.c
@@ -1,5 +1,6 @@
 #include "ssb.h"

+#include "http.h"
 #include "log.h"
 #include "mem.h"
 #include "ssb.connections.h"
@@ -2711,6 +2712,7 @@ void tf_ssb_destroy(tf_ssb_t* ssb)
 			tf_printf("--\n");
 			uv_print_all_handles(ssb->loop, stdout);
 		}
+		tf_http_debug_destroy();
 		uv_run(ssb->loop, UV_RUN_ONCE);
 	}

--- a/src/ssb.db.c
+++ b/src/ssb.db.c
@@ -421,6 +421,7 @@ void tf_ssb_db_init(tf_ssb_t* ssb)
 		_tf_ssb_db_exec(db, "COMMIT TRANSACTION");
 		tf_printf("Done.\n");
 	}
+	_tf_ssb_db_exec(db, "DELETE FROM blob_wants_cache WHERE blob_wants_cache.id IN (SELECT blobs.id FROM blobs)");
 	if (!_tf_ssb_db_has_rows(db, "SELECT * FROM sqlite_schema WHERE type = 'index' AND name = 'blob_wants_cache_source_id_unique_index'"))
 	{
 		tf_printf("Creating blob_wants_cache UNIQUE constraint.\n");
@@ -436,8 +437,11 @@ void tf_ssb_db_init(tf_ssb_t* ssb)
 	_tf_ssb_db_exec(db,
 		"CREATE TRIGGER IF NOT EXISTS messages_ai_blob_wants_cache AFTER INSERT ON messages_refs BEGIN "
 		"INSERT INTO blob_wants_cache (source, id, timestamp) "
-		"SELECT messages.id, new.ref, messages.timestamp FROM messages WHERE messages.id = new.message AND "
-		"LENGTH(new.ref) = 52 AND new.ref LIKE '&%.sha256' "
+		"SELECT messages.id, new.ref, messages.timestamp FROM messages "
+		"JOIN blobs ON new.ref = blobs.id "
+		"WHERE messages.id = new.message AND "
+		"LENGTH(new.ref) = 52 AND new.ref LIKE '&%.sha256' AND "
+		"blobs.content IS NULL "
 		"ON CONFLICT (source, id) DO NOTHING; END");
 	_tf_ssb_db_exec(db, "DROP TRIGGER IF EXISTS blobs_refs_ai_blob_wants_cache");
 	_tf_ssb_db_exec(db,
@@ -445,6 +449,8 @@ void tf_ssb_db_init(tf_ssb_t* ssb)
 		"INSERT INTO blob_wants_cache (source, id, timestamp) "
 		"SELECT messages.id, new.ref, messages.timestamp FROM messages "
 		"JOIN blob_wants_cache bwc ON bwc.source = messages.id AND bwc.id = new.blob "
+		"JOIN blobs ON bwc.id = blobs.id "
+		"WHERE blobs.content IS NULL "
 		"ON CONFLICT (source, id) DO NOTHING; END");
 	_tf_ssb_db_exec(db,
 		"CREATE TRIGGER IF NOT EXISTS messages_ad_blob_wants_cache AFTER DELETE ON messages BEGIN "
@@ -574,16 +580,15 @@ static int64_t _tf_ssb_db_store_message_raw(sqlite3* db, const char* id, const c
 	return last_row_id;
 }

-static char* _tf_ssb_db_get_message_blob_wants(tf_ssb_t* ssb, int64_t rowid)
+static char* _tf_ssb_db_get_message_blob_wants(sqlite3* db, int64_t rowid)
 {
-	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
 	sqlite3_stmt* statement;
 	char* result = NULL;
 	size_t size = 0;

 	if (sqlite3_prepare_v2(db,
 			"SELECT DISTINCT json.value FROM messages, json_tree(messages.content) AS json LEFT OUTER JOIN blobs ON json.value = blobs.id WHERE messages.rowid = ?1 AND "
-			"json.value LIKE '&%.sha256' AND length(json.value) = ?2 AND blobs.content IS NULL",
+			"length(json.value) = ?2 AND json.value LIKE '&%.sha256' AND blobs.content IS NULL",
 			-1, &statement, NULL) == SQLITE_OK)
 	{
 		if (sqlite3_bind_int64(statement, 1, rowid) == SQLITE_OK && sqlite3_bind_int(statement, 2, k_blob_id_len - 1) == SQLITE_OK)
@@ -615,10 +620,15 @@ static char* _tf_ssb_db_get_message_blob_wants(tf_ssb_t* ssb, int64_t rowid)
 	result = tf_realloc(result, size + 1);
 	result[size] = '\0';

-	tf_ssb_release_db_reader(ssb, db);
 	return result;
 }

+typedef enum _message_type_t
+{
+	k_message_type_other,
+	k_message_type_post,
+} message_type_t;
+
 typedef struct _message_store_t
 {
 	char id[k_id_base64_len];
@@ -631,6 +641,7 @@ typedef struct _message_store_t
 	const char* content;
 	size_t length;

+	message_type_t type;
 	bool out_stored;
 	char* out_blob_wants;

@@ -653,7 +664,7 @@ static void _tf_ssb_db_store_message_work(tf_ssb_t* ssb, void* user_data)
 		if (last_row_id != -1)
 		{
 			store->out_stored = true;
-			store->out_blob_wants = _tf_ssb_db_get_message_blob_wants(ssb, last_row_id);
+			store->out_blob_wants = _tf_ssb_db_get_message_blob_wants(db, last_row_id);
 		}
 		store = store->next;
 	}
@@ -712,6 +723,28 @@ static void _tf_ssb_db_store_message_after_work(tf_ssb_t* ssb, int status, void*
 			tf_trace_end(trace);
 		}

+#if TARGET_OS_IPHONE
+		if (store->type == k_message_type_post)
+		{
+			JSContext* context = tf_ssb_get_context(ssb);
+			JSValue content = JS_ParseJSON(context, store->content, strlen(store->content), NULL);
+			if (JS_IsObject(content))
+			{
+				JSValue type_value = JS_GetPropertyStr(context, content, "type");
+				const char* type = JS_ToCString(context, type_value);
+				JSValue text_value = JS_GetPropertyStr(context, content, "text");
+				const char* text = JS_ToCString(context, text_value);
+				void tf_notify_message_added_ios(const char* identifier, const char* title, const char* content);
+				tf_notify_message_added_ios(store->id, type, text);
+				JS_FreeCString(context, text);
+				JS_FreeValue(context, text_value);
+				JS_FreeCString(context, type);
+				JS_FreeValue(context, type_value);
+			}
+			JS_FreeValue(context, content);
+		}
+#endif
+
 		if (store->callback)
 		{
 			store->callback(store->id, store->out_stored, store->user_data);
@@ -773,6 +806,16 @@ void tf_ssb_db_store_message(
 	JS_FreeValue(context, timestampval);

 	JSValue contentval = JS_GetPropertyStr(context, val, "content");
+	JSValue typeval = JS_IsObject(contentval) ? JS_GetPropertyStr(context, contentval, "type") : JS_UNDEFINED;
+	const char* type = JS_IsString(typeval) ? JS_ToCString(context, typeval) : NULL;
+	message_type_t message_type = k_message_type_other;
+	if (type)
+	{
+		message_type = strcmp(type, "post") == 0 ? k_message_type_post : k_message_type_other;
+	}
+	JS_FreeCString(context, type);
+	JS_FreeValue(context, typeval);
+
 	JSValue content = JS_JSONStringify(context, contentval, JS_NULL, JS_NULL);
 	size_t content_len;
 	const char* contentstr = JS_ToCStringLen(context, &content_len, content);
@@ -784,6 +827,7 @@ void tf_ssb_db_store_message(
 		.sequence = sequence,
 		.timestamp = timestamp,
 		.content = contentstr,
+		.type = message_type,
 		.length = content_len,
 		.flags = flags,

@@ -972,7 +1016,7 @@ static void _tf_ssb_db_blob_store_work(tf_ssb_t* ssb, void* user_data)
 static void _tf_ssb_db_blob_store_after_work(tf_ssb_t* ssb, int status, void* user_data)
 {
 	blob_store_work_t* blob_work = user_data;
-	if (status == 0 && *blob_work->id)
+	if (status == 0 && *blob_work->id && blob_work->is_new)
 	{
 		tf_ssb_notify_blob_stored(ssb, blob_work->id);
 	}
@@ -1553,8 +1597,10 @@ typedef struct _following_t
 	int depth;
 	following_t** following;
 	following_t** blocking;
+	following_t** both;
 	int following_count;
 	int blocking_count;
+	int both_count;
 	int ref_count;
 	int block_ref_count;
 } following_t;
@@ -1671,14 +1717,27 @@ static void _populate_follows_and_blocks(
 					{
 						if (_add_following_entry(&entry->following, &entry->following_count, next))
 						{
-							next->ref_count++;
+							if (next->ref_count++ == 0 && next->block_ref_count)
+							{
+								if (_remove_following_entry(&entry->blocking, &entry->blocking_count, next))
+								{
+									_remove_following_entry(&entry->following, &entry->following_count, next);
+									_add_following_entry(&entry->both, &entry->both_count, next);
+								}
+							}
 						}
 					}
 					else
 					{
 						if (_remove_following_entry(&entry->following, &entry->following_count, next))
 						{
-							next->ref_count--;
+							if (next->ref_count-- == 1 && next->block_ref_count)
+							{
+								if (_remove_following_entry(&entry->both, &entry->both_count, next))
+								{
+									_add_following_entry(&entry->blocking, &entry->blocking_count, next);
+								}
+							}
 						}
 					}
 				}
@@ -1693,14 +1752,29 @@ static void _populate_follows_and_blocks(
 					{
 						if (_add_following_entry(&entry->blocking, &entry->blocking_count, next))
 						{
-							next->block_ref_count++;
+							if (next->block_ref_count++ == 0 && next->ref_count)
+							{
+								if (_remove_following_entry(&entry->following, &entry->following_count, next))
+								{
+									next->ref_count--;
+									_remove_following_entry(&entry->blocking, &entry->blocking_count, next);
+									_add_following_entry(&entry->both, &entry->both_count, next);
+								}
+							}
 						}
 					}
 					else
 					{
 						if (_remove_following_entry(&entry->blocking, &entry->blocking_count, next))
 						{
-							next->block_ref_count--;
+							if (next->block_ref_count-- == 1)
+							{
+								if (_remove_following_entry(&entry->both, &entry->both_count, next))
+								{
+									next->ref_count++;
+									_add_following_entry(&entry->following, &entry->following_count, next);
+								}
+							}
 						}
 					}
 				}
@@ -1797,6 +1871,7 @@ tf_ssb_following_t* tf_ssb_db_following_deep(tf_ssb_t* ssb, const char** ids, in
 	{
 		tf_free(following[i]->following);
 		tf_free(following[i]->blocking);
+		tf_free(following[i]->both);
 		tf_free(following[i]);
 	}
 	tf_free(following);
@@ -1848,6 +1923,7 @@ const char** tf_ssb_db_following_deep_ids(tf_ssb_t* ssb, const char** ids, int c
 	{
 		tf_free(following[i]->following);
 		tf_free(following[i]->blocking);
+		tf_free(following[i]->both);
 		tf_free(following[i]);
 	}
 	tf_free(following);
@@ -2182,56 +2258,40 @@ bool tf_ssb_db_identity_get_active(sqlite3* db, const char* user, const char* pa
 	return found;
 }

-typedef struct _resolve_index_t
+const char* tf_ssb_db_resolve_index(sqlite3* db, const char* host)
 {
-	const char* host;
-	const char* path;
-	void (*callback)(const char* path, void* user_data);
-	void* user_data;
-} resolve_index_t;
+	const char* result = NULL;

-static void _tf_ssb_db_resolve_index_work(tf_ssb_t* ssb, void* user_data)
-{
-	resolve_index_t* request = user_data;
-
-	sqlite3* db = tf_ssb_acquire_db_reader(ssb);
-	sqlite3_stmt* statement;
-	if (sqlite3_prepare_v2(db, "SELECT json_extract(value, '$.index_map') FROM properties WHERE id = 'core' AND key = 'settings'", -1, &statement, NULL) == SQLITE_OK)
+	if (!result)
 	{
-		if (sqlite3_step(statement) == SQLITE_ROW)
-		{
-			const char* index_map = (const char*)sqlite3_column_text(statement, 0);
-			const char* start = index_map;
-			while (start)
-			{
-				const char* end = strchr(start, '\n');
-				const char* equals = strchr(start, '=');
-				if (equals && strncasecmp(request->host, start, equals - start) == 0)
-				{
-					size_t value_length = end && equals < end ? (size_t)(end - (equals + 1)) : strlen(equals + 1);
-					char* path = tf_malloc(value_length + 1);
-					memcpy(path, equals + 1, value_length);
-					path[value_length] = '\0';
-					request->path = path;
-					break;
-				}
-				start = end ? end + 1 : NULL;
-			}
-		}
-		sqlite3_finalize(statement);
-	}
-	else
-	{
-		tf_printf("prepare failed: %s\n", sqlite3_errmsg(db));
+		/* Maybe we need to force the EULA first. */
 	}

-	if (!request->path)
+	if (!result)
 	{
-		if (sqlite3_prepare_v2(db, "SELECT json_extract(value, '$.index') FROM properties WHERE id = 'core' AND key = 'settings'", -1, &statement, NULL) == SQLITE_OK)
+		/* Use the index_map setting. */
+		sqlite3_stmt* statement;
+		if (sqlite3_prepare_v2(db, "SELECT json_extract(value, '$.index_map') FROM properties WHERE id = 'core' AND key = 'settings'", -1, &statement, NULL) == SQLITE_OK)
 		{
 			if (sqlite3_step(statement) == SQLITE_ROW)
 			{
-				request->path = tf_strdup((const char*)sqlite3_column_text(statement, 0));
+				const char* index_map = (const char*)sqlite3_column_text(statement, 0);
+				const char* start = index_map;
+				while (start)
+				{
+					const char* end = strchr(start, '\n');
+					const char* equals = strchr(start, '=');
+					if (equals && strncasecmp(host, start, equals - start) == 0)
+					{
+						size_t value_length = end && equals < end ? (size_t)(end - (equals + 1)) : strlen(equals + 1);
+						char* path = tf_malloc(value_length + 1);
+						memcpy(path, equals + 1, value_length);
+						path[value_length] = '\0';
+						result = path;
+						break;
+					}
+					start = end ? end + 1 : NULL;
+				}
 			}
 			sqlite3_finalize(statement);
 		}
@@ -2240,32 +2300,32 @@ static void _tf_ssb_db_resolve_index_work(tf_ssb_t* ssb, void* user_data)
 			tf_printf("prepare failed: %s\n", sqlite3_errmsg(db));
 		}
 	}
-	tf_ssb_release_db_reader(ssb, db);

-	if (!request->path)
+	if (!result)
 	{
-		request->path = tf_strdup(tf_util_get_default_global_setting_string("index"));
+		/* Use the index setting. */
+		sqlite3_stmt* statement;
+		if (sqlite3_prepare_v2(db, "SELECT json_extract(value, '$.index') FROM properties WHERE id = 'core' AND key = 'settings'", -1, &statement, NULL) == SQLITE_OK)
+		{
+			if (sqlite3_step(statement) == SQLITE_ROW)
+			{
+				result = tf_strdup((const char*)sqlite3_column_text(statement, 0));
+			}
+			sqlite3_finalize(statement);
+		}
+		else
+		{
+			tf_printf("prepare failed: %s\n", sqlite3_errmsg(db));
+		}
 	}
-}

-static void _tf_ssb_db_resolve_index_after_work(tf_ssb_t* ssb, int status, void* user_data)
-{
-	resolve_index_t* request = user_data;
-	request->callback(request->path, request->user_data);
-	tf_free((void*)request->host);
-	tf_free((void*)request->path);
-	tf_free(request);
-}
+	if (!result)
+	{
+		/* Use the default index. */
+		result = tf_strdup(tf_util_get_default_global_setting_string("index"));
+	}

-void tf_ssb_db_resolve_index_async(tf_ssb_t* ssb, const char* host, void (*callback)(const char* path, void* user_data), void* user_data)
-{
-	resolve_index_t* request = tf_malloc(sizeof(resolve_index_t));
-	*request = (resolve_index_t) {
-		.host = tf_strdup(host),
-		.callback = callback,
-		.user_data = user_data,
-	};
-	tf_ssb_run_work(ssb, _tf_ssb_db_resolve_index_work, _tf_ssb_db_resolve_index_after_work, request);
+	return result;
 }

 static void _tf_ssb_db_set_flags(tf_ssb_t* ssb, const char* message_id, int flags)
@@ -2461,6 +2521,32 @@ bool tf_ssb_db_get_global_setting_string(sqlite3* db, const char* name, char* ou
 	return result;
 }

+const char* tf_ssb_db_get_global_setting_string_alloc(sqlite3* db, const char* name)
+{
+	const char* result = NULL;
+	sqlite3_stmt* statement;
+	if (sqlite3_prepare_v2(db, "SELECT json_extract(value, '$.' || ?) FROM properties WHERE id = 'core' AND key = 'settings'", -1, &statement, NULL) == SQLITE_OK)
+	{
+		if (sqlite3_bind_text(statement, 1, name, -1, NULL) == SQLITE_OK)
+		{
+			if (sqlite3_step(statement) == SQLITE_ROW && sqlite3_column_type(statement, 0) != SQLITE_NULL)
+			{
+				result = tf_strdup((const char*)sqlite3_column_text(statement, 0));
+			}
+		}
+		sqlite3_finalize(statement);
+	}
+	else
+	{
+		tf_printf("prepare failed: %s\n", sqlite3_errmsg(db));
+	}
+	if (!result)
+	{
+		result = tf_strdup(tf_util_get_default_global_setting_string(name));
+	}
+	return result;
+}
+
 bool tf_ssb_db_set_global_setting_from_string(sqlite3* db, const char* name, char* value)
 {
 	tf_setting_kind_t kind = tf_util_get_global_setting_kind(name);
@@ -2484,7 +2570,7 @@ bool tf_ssb_db_set_global_setting_from_string(sqlite3* db, const char* name, cha
 				bound = sqlite3_bind_int(statement, 2, value && (strcmp(value, "true") == 0 || atoi(value))) == SQLITE_OK;
 				break;
 			case k_kind_int:
-				bound = sqlite3_bind_int(statement, 2, atoi(value)) == SQLITE_OK;
+				bound = sqlite3_bind_int64(statement, 2, atoll(value)) == SQLITE_OK;
 				break;
 			case k_kind_string:
 				bound = sqlite3_bind_text(statement, 2, value, -1, NULL) == SQLITE_OK;
--- a/src/ssb.db.h
+++ b/src/ssb.db.h
@@ -445,12 +445,11 @@ bool tf_ssb_db_add_value_to_array_property(tf_ssb_t* ssb, const char* id, const

 /**
 ** Resolve a hostname to its index path by global settings.
-** @param ssb The SSB instance.
+** @param db The database.
 ** @param host The hostname.
-** @param callback The callback.
-** @param user_data The callback user data.
+** @return The resolved index.  Free with tf_free().
 */
-void tf_ssb_db_resolve_index_async(tf_ssb_t* ssb, const char* host, void (*callback)(const char* path, void* user_data), void* user_data);
+const char* tf_ssb_db_resolve_index(sqlite3* db, const char* host);

 /**
 ** Verify an author's feed.
@@ -500,6 +499,14 @@ bool tf_ssb_db_get_global_setting_int64(sqlite3* db, const char* name, int64_t*
 */
 bool tf_ssb_db_get_global_setting_string(sqlite3* db, const char* name, char* out_value, size_t size);

+/**
+** Get a string global setting value.
+** @param db The database.
+** @param name The setting name.
+** @return The setting if found.
+*/
+const char* tf_ssb_db_get_global_setting_string_alloc(sqlite3* db, const char* name);
+
 /**
 ** Set a global setting from a string representation of its value.
 ** @param db The database.
--- a/src/ssb.import.c
+++ b/src/ssb.import.c
@@ -151,6 +151,14 @@ static void _tf_ssb_import_recursive_add_files(tf_ssb_t* ssb, uv_loop_t* loop, J
 				tf_free(blob);
 				tf_free(full_path);
 			}
+			else if (ent.type == UV_DIRENT_DIR)
+			{
+				size_t len = strlen(path) + strlen(ent.name) + 2;
+				char* full_path = tf_malloc(len);
+				snprintf(full_path, len, "%s/%s", path, ent.name);
+				_tf_ssb_import_recursive_add_files(ssb, loop, context, files, root, full_path);
+				tf_free(full_path);
+			}
 		}
 	}
 	else
--- a/Show More
+++ b/Show More